diff options
| author | intrigeri <intrigeri@boum.org> | 2008-12-30 18:24:36 +0100 |
|---|---|---|
| committer | intrigeri <intrigeri@boum.org> | 2008-12-30 18:24:36 +0100 |
| commit | 21add7ffa87a5e622d18bdbb24c638c15bdb3800 (patch) | |
| tree | 6780aa6dbee71f18db64e44b012e789fc8197d4b /IkiWiki/Plugin/editpage.pm | |
| parent | 3190e5cea75a43d38f58b8a45fbc87d5527d18f0 (diff) | |
| parent | 3032909090711c86c5056987043eeff5a1f6aec2 (diff) | |
Merge commit 'upstream/master' into prv/po
Conflicts:
debian/control
debian/copyright
doc/ikiwiki/pagespec.mdwn
Signed-off-by: intrigeri <intrigeri@boum.org>
Diffstat (limited to 'IkiWiki/Plugin/editpage.pm')
| -rw-r--r-- | IkiWiki/Plugin/editpage.pm | 28 |
1 files changed, 9 insertions, 19 deletions
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index fe2864bac..ed994306f 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -6,19 +6,19 @@ use strict; use IkiWiki; use open qw{:utf8 :std}; -sub import { #{{{ +sub import { hook(type => "getsetup", id => "editpage", call => \&getsetup); hook(type => "refresh", id => "editpage", call => \&refresh); hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage); -} # }}} +} -sub getsetup () { #{{{ +sub getsetup () { return plugin => { safe => 1, rebuild => 1, }, -} #}}} +} sub refresh () { if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) { @@ -54,7 +54,7 @@ sub refresh () { # and other plugins use the functions below. package IkiWiki; -sub check_canedit ($$$;$) { #{{{ +sub check_canedit ($$$;$) { my $page=shift; my $q=shift; my $session=shift; @@ -79,9 +79,9 @@ sub check_canedit ($$$;$) { #{{{ } }); return $canedit; -} #}}} +} -sub cgi_editpage ($$) { #{{{ +sub cgi_editpage ($$) { my $q=shift; my $session=shift; @@ -105,7 +105,6 @@ sub cgi_editpage ($$) { #{{{ header => 0, table => 0, template => scalar template_params("editpage.tmpl"), - wikiname => $config{wikiname}, ); decode_form_utf8($form); @@ -340,16 +339,7 @@ sub cgi_editpage ($$) { #{{{ else { # save page check_canedit($page, $q, $session); - - # The session id is stored on the form and checked to - # guard against CSRF. But only if the user is logged in, - # as anonok can allow anonymous edits. - if (defined $session->param("name")) { - my $sid=$q->param('sid'); - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } - } + checksessionexpiry($q, $session, $q->param('sid')); my $exists=-e "$config{srcdir}/$file"; @@ -462,6 +452,6 @@ sub cgi_editpage ($$) { #{{{ } exit; -} #}}} +} 1 |