summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorchrysn <chrysn@fsfe.org>2009-03-24 08:21:22 +0100
committerchrysn <chrysn@fsfe.org>2009-03-24 08:21:22 +0100
commit82281d1aef347080ff235ad18e92613012093f49 (patch)
treef69ff7d4733af3b65aecd6437bc2058ddfa47156
parent19d04c309bb39974fe760f4904922b00e3e51cfc (diff)
wishlist, patch: inline autotitles
-rw-r--r--doc/todo/inline_autotitles.mdwn45
1 files changed, 45 insertions, 0 deletions
diff --git a/doc/todo/inline_autotitles.mdwn b/doc/todo/inline_autotitles.mdwn
new file mode 100644
index 000000000..9846687e9
--- /dev/null
+++ b/doc/todo/inline_autotitles.mdwn
@@ -0,0 +1,45 @@
+[[!tag wishlist]]
+[[!tag patch]]
+
+for inlines of pages which follow a certain scheme, it might not be required to
+set the title for each individual post, but to automatically set the title.
+this can either be based on timestamp formatting, or use the already existing
+munging mechanism, which appends numbers to page titles in case that page
+already exists.
+
+two [patches][1] set inline up for that, adding an additional `autotitle`
+parameter. if that is given, the regular input of the inline postform will be
+replaced with a hidden input of that text. in addition, the empty title is
+permitted (both for autotitle and regular titles, as they go in the same GET
+parameter, `title`). as the empty page title is illegal, munging is used,
+resulting in ascending numeric page titles to be created.
+
+the second patch is actually a one-liner, filtering the title through sprintf.
+
+### potential user interaction issues
+
+this has two side effects which have to be considered: first, the empty page
+title is accepted also in normal postforms (previously, this resulted in a "bad
+page name" error); second, entering a percent sign in that field might result
+in unexpexted sprintf substitution (sprintf might not even substitute for
+common uses of percent as in "reach 10% market share", but might in others as
+in "the 10%-rule").
+
+both can be circumvented by using another GET parameter for autotexts, for
+which i could provide a patch. (as of writing this, i think i'll do that.)
+
+### potential security issues
+
+* the autotitle's value is directly output through the template (but that's
+ done in other places as well, so i assume it's safe)
+* i don't know if anything bad can happen if unfiltered content is passed to
+ POSIX::strftime.
+
+### further extension
+
+having a pre-filled input field instead of an unchangable hidden input might be
+cool (eg for creating an entry with yesterday's date), but would be a bit of a
+problem with static pages. javascript could help with the date part, but name
+munging would be yet another thing.
+
+[1]: http://...