Commit Graph

8515 Commits (ebe140201ed53ee4f8cf5998c69e20d5fef2ad16)

Author SHA1 Message Date
Simon McVittie ebe140201e comments: sanitize the body of each comment before posting it
This should ensure that users can't "break out" from the enclosing
<div>, making it impossible to forge comments (assuming htmlscrubber
is enabled, and so is either htmlbalance or htmltidy).
2008-12-11 21:14:03 +00:00
Simon McVittie 57e40b9ce5 Fix typo that led to comments being blanked 2008-12-11 21:14:02 +00:00
Simon McVittie 3d4aa065d6 postcomment: Rename plugin to comments, use *._comment files
The PageSpec is still called "postcomment" since that's what it means.
2008-12-11 21:14:02 +00:00
Simon McVittie 3c9ccb406b Rename smcvpostcomment plugin to postcomment to propose for inclusion 2008-12-11 21:14:02 +00:00
Simon McVittie b7db3444a5 smcvpostcomment: allow commenting to be closed 2008-12-11 21:14:02 +00:00
Simon McVittie f49603bf86 smcvpostcomment: import other plugins lazily and remove unnecessary use of CGI 2008-12-11 21:14:02 +00:00
Simon McVittie 2857b301e7 smcvpostcomment_*.tmpl: make class names match template names
Also put "posting comments disabled" in [], and change "Page preview"
to "Comment preview".
2008-12-11 21:14:02 +00:00
Simon McVittie 442e4e7e12 smcvpostcomment: allow inlining to be disabled, and pass through atom etc. better 2008-12-11 21:14:02 +00:00
Simon McVittie bb4eb07bdd smcvpostcomment: make allowhtml etc. configurable, and don't allow commenting on pages where comments have never been allowed 2008-12-11 21:14:02 +00:00
Simon McVittie d18adfb1ad smcvpostcomment: indicate in form whether HTML and directives are allowed 2008-12-11 21:14:02 +00:00
Simon McVittie 1bd1b03766 smcvpostcomment: remove HTML if not allowed 2008-12-11 21:14:02 +00:00
Simon McVittie 660a4ef151 smcvpostcomment: always allow wikilinks, and do access control
wikilinks are harmless, so we might as well allow them.

Access control for this plugin is a bit odd, since we specifically
don't want to allow comments to be edited - so the check is whether the
user is allowed to edit a deliberately invalid page name,
page/commented/on[smcvpostcomment]. You can put smcvpostcomment(*)
or smcvpostcomment(some/subdir/*) in $config{anonok_pagespec}
or the opposite in $config{locked_pages} to allow "editing" (really
just posting) comments.
2008-12-11 21:14:02 +00:00
Simon McVittie 798dea2033 smcvpostcomment: reduce length of subject field 2008-12-11 21:14:02 +00:00
Simon McVittie 29862a8cc8 smcvpostcomment: explain what $fake is for 2008-12-11 21:14:01 +00:00
Simon McVittie 42b15f7633 smcvpostcomment: avoid warnings if form field 'body' is undef 2008-12-11 21:14:01 +00:00
Simon McVittie e65c7b73af smcvpostcomment: load inline plugin more forcibly 2008-12-11 21:14:01 +00:00
Simon McVittie 49835784d8 smcvpostcomment: use better names for special comment files 2008-12-11 21:14:01 +00:00
Simon McVittie bd8c4674a8 smcvpostcomment: use gettext where appropriate 2008-12-11 21:14:01 +00:00
Simon McVittie 7be3a15244 Use a link rather than a button for "post comments" 2008-12-11 21:14:01 +00:00
Simon McVittie 7bd9f368b6 Add some basic stylesheet rules for smcvpostcomment 2008-12-11 21:14:01 +00:00
Simon McVittie 446740cfbb style.css: reduce the scope of the .author rule to when it's nested in .inlineheader
In the initial template for blog-style comments, I don't want the author
name to be quite as large and prominent as the author of a blog post - I
expect that comments will be rather short, so the author name stands out
better for a given font size.
2008-12-11 21:14:01 +00:00
Simon McVittie f77f7a02a6 Add initial version of a postcomment plugin (temporarily namespaced as smcvpostcomment) 2008-12-11 21:14:01 +00:00
Joey Hess b67632cdcd inline: Support feedfile option to change the filename of the feed generated. 2008-12-11 15:01:26 -05:00
Joey Hess 2cd7eecf89 looking closer, the existing %knownfeeds won't work 2008-12-11 14:26:58 -05:00
Joey Hess 3b3127643b rethink 2008-12-11 14:12:03 -05:00
Joey Hess e968dbac13 thoughts 2008-12-11 14:09:34 -05:00
Joey Hess 63eb9d834e inline: Support emptyfeeds=no option to skip generating empty feeds. 2008-12-11 14:04:38 -05:00
Joey Hess 38f5e3ba69 move feedpages application up
I wanted this nearer to the top, but decided to put it after the
add_depends. Reasoning: It's possible with a combinaton of feedpages and
show options to make @list and @feedlist contain completly differing sets
of pages. We want to add_depends all pages in both sets. We could combine
the two lists and add_depends that, but it's slightly more efficient to
defer reducing @feedlist, and add_depends whichever list is longer.
2008-12-11 13:58:40 -05:00
Joey Hess a6a85fa444 formatting 2008-12-11 13:32:42 -05:00
Joey Hess 3305fb9d36 markdown fixes 2008-12-11 13:31:25 -05:00
Joey Hess 8b7c2f29bf fix comment 2008-12-11 13:29:30 -05:00
Joey Hess d135bd3f98 add gitremotes script, parsing list of remotes on doc/git.mdwn
Any remotes added will automatically be pulled into my working copy.
2008-12-11 13:27:50 -05:00
http://smcv.pseudorandom.co.uk/ 50ae0dcd8c some issues joeyh reported on IRC 2008-12-11 06:07:37 -05:00
http://smcv.pseudorandom.co.uk/ ec0dff43ce suggest another feature for the comments plugin's benefit 2008-12-11 06:02:49 -05:00
http://smcv.pseudorandom.co.uk/ 120e7553e3 suggest a feature that would improve the comments plugin 2008-12-11 05:59:24 -05:00
http://smcv.pseudorandom.co.uk/ 52bd18aafc Link to sandbox on my demo of the plugin 2008-12-10 22:12:11 -05:00
http://smcv.pseudorandom.co.uk/ 59c29b532e multiple formats now supported 2008-12-10 21:50:15 -05:00
http://smcv.pseudorandom.co.uk/ d6b87bd25e Update with today's changes 2008-12-10 21:44:50 -05:00
http://beza1e1.tuxen.de/ 570eedd7f4 Arch Linux packaged 2008-12-09 16:58:15 -05:00
http://john.choffee.co.uk/ a6b9fadc9a Fixed the pagespec link 2008-12-09 08:27:59 -05:00
http://www.iredale.net/b/ 28ddf3280f 2008-12-07 17:57:49 -05:00
Joey Hess e6e8d906d1 remove ubuntu instructions, which don't belong here
1. apt-get is not yum
2. installing ikiwiki by hand is not the correct thing to do on ubuntu,
   so this page should not mention ubuntu

Also remove instructions for installing deps via yum, now that there is a
ikiwiki package in fedora.
2008-12-07 13:45:50 -05:00
buo 1506638f15 Add command line to install perl modules in ubuntu 8.10 2008-12-05 14:27:29 -05:00
Joey Hess 1c9881cf89 remove clutter in example blog 2008-12-04 16:23:41 -05:00
o 0ea00036db 2008-12-04 15:34:12 -05:00
Joey Hess fa130859dc response 2008-12-03 15:37:48 -05:00
http://alcopop.org/me/openid/ fa72896cdc correct wikilink 2008-12-02 17:18:43 -05:00
Jon Dowland 928c7a821b Merge branch 'master' of git://git.ikiwiki.info 2008-12-02 15:29:29 +00:00
Jon Dowland 0d27e0e329 my edits... 2008-12-02 15:25:44 +00:00
http://alcopop.org/me/openid/ 6edf1126d7 provide for ignoring h1s etc. in toc 2008-12-02 10:25:44 -05:00