summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin
diff options
context:
space:
mode:
authorJoey Hess <joey@kodama.kitenet.net>2008-07-01 13:31:09 -0400
committerJoey Hess <joey@kodama.kitenet.net>2008-07-01 13:31:09 -0400
commita78a981792e7420783f5064f52100635429922f1 (patch)
tree34bcbc872515d837da3ab198d69f6506aacd21bd /IkiWiki/Plugin
parentb4296a49438d5cdb3dd8cfd8bb4185c909b1328b (diff)
attachment location
Put the attachment in a subdir of the page it's attached to, unless that page is an "index" page.
Diffstat (limited to 'IkiWiki/Plugin')
-rw-r--r--IkiWiki/Plugin/attachment.pm18
1 files changed, 9 insertions, 9 deletions
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index 23862bc05..f9d7f14f6 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -42,21 +42,21 @@ sub formbuilder (@) { #{{{
# of the temp file that CGI writes the upload to.
my $tempfile=$q->tmpFileName($filename);
+ # Put the attachment in a subdir of the page it's attached
+ # to, unless that page is an "index" page.
+ my $page=$form->field('page');
+ $page=~s/(^|\/)index//;
+ $filename="$page/$filename";
+
# To untaint the filename, escape any hazardous characters,
# and make sure it isn't pruned.
- $filename=IkiWiki::possibly_foolish_untaint(IkiWiki::titlepage($filename));
+ $filename=IkiWiki::titlepage(IkiWiki::possibly_foolish_untaint($filename);
if (IkiWiki::file_pruned($filename, $config{srcdir})) {
error(gettext("bad attachment filename"));
}
- # XXX Put the attachment in a subdir corresponding to the
- # page being edited.
- # The editpage code has already checked that
- # $form->field('page') is valid.
- $filename="XXX/$filename";
-
- # Also check that the user is allowed to edit it by other
- # policies.
+ # Check that the user is allowed to edit a page with the
+ # name of the attachment.
IkiWiki::check_canedit($filename, $q, $params{session}, 1);
# Use a pagespec to test that the attachment is valid.