diff options
| -rw-r--r-- | IkiWiki/CGI.pm | 14 | ||||
| -rw-r--r-- | IkiWiki/Plugin/comments.pm | 600 | ||||
| -rw-r--r-- | IkiWiki/Plugin/editpage.pm | 11 | ||||
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | debian/copyright | 6 | ||||
| -rw-r--r-- | doc/ikiwiki/pagespec.mdwn | 2 | ||||
| -rw-r--r-- | doc/plugins/anonok.mdwn | 7 | ||||
| -rw-r--r-- | doc/plugins/comments.mdwn | 51 | ||||
| -rw-r--r-- | doc/plugins/comments/discussion.mdwn (renamed from doc/plugins/contrib/comments/discussion.mdwn) | 0 | ||||
| -rw-r--r-- | doc/plugins/contrib/comments.mdwn | 91 | ||||
| -rw-r--r-- | doc/plugins/lockedit.mdwn | 4 | ||||
| -rw-r--r-- | doc/style.css | 7 | ||||
| -rw-r--r-- | doc/wikitemplates.mdwn | 4 | ||||
| -rw-r--r-- | templates/comments_display.tmpl | 36 | ||||
| -rw-r--r-- | templates/comments_form.tmpl | 34 | ||||
| -rw-r--r-- | templates/page.tmpl | 16 |
16 files changed, 781 insertions, 103 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index 4399d0dcb..a3486cbb4 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -296,6 +296,20 @@ sub cgi_getsession ($) { #{{{ return $session; } #}}} +# The session id is stored on the form and checked to +# guard against CSRF. But only if the user is logged in, +# as anonok can allow anonymous edits. +sub checksessionexpiry ($$) { # {{{ + my $session = shift; + my $sid = shift; + + if (defined $session->param("name")) { + if (! defined $sid || $sid ne $session->id) { + error(gettext("Your login session has expired.")); + } + } +} # }}} + sub cgi_savesession ($) { #{{{ my $session=shift; diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm new file mode 100644 index 000000000..1eb256da9 --- /dev/null +++ b/IkiWiki/Plugin/comments.pm @@ -0,0 +1,600 @@ +#!/usr/bin/perl +# Copyright © 2006-2008 Joey Hess <joey@ikiwiki.info> +# Copyright © 2008 Simon McVittie <http://smcv.pseudorandom.co.uk/> +# Licensed under the GNU GPL, version 2, or any later version published by the +# Free Software Foundation +package IkiWiki::Plugin::comments; + +use warnings; +use strict; +use IkiWiki 2.00; +use Encode; +use POSIX qw(strftime); + +use constant PREVIEW => "Preview"; +use constant POST_COMMENT => "Post comment"; +use constant CANCEL => "Cancel"; + +my $postcomment; + +sub import { #{{{ + hook(type => "checkconfig", id => 'comments', call => \&checkconfig); + hook(type => "getsetup", id => 'comments', call => \&getsetup); + hook(type => "preprocess", id => '_comment', call => \&preprocess); + hook(type => "sessioncgi", id => 'comment', call => \&sessioncgi); + hook(type => "htmlize", id => "_comment", call => \&htmlize); + hook(type => "pagetemplate", id => "comments", call => \&pagetemplate); + hook(type => "cgi", id => "comments", call => \&linkcgi); + IkiWiki::loadplugin("inline"); +} # }}} + +sub getsetup () { #{{{ + return + plugin => { + safe => 1, + rebuild => 1, + }, + # Pages where comments are shown, but new comments are not + # allowed, will show "Comments are closed". + comments_shown_pagespec => { + type => 'pagespec', + example => 'blog/*', + default => '', + description => 'PageSpec for pages where comments will be shown inline', + link => 'ikiwiki/PageSpec', + safe => 1, + rebuild => 1, + }, + comments_open_pagespec => { + type => 'pagespec', + example => 'blog/* and created_after(close_old_comments)', + default => '', + description => 'PageSpec for pages where new comments can be posted', + link => 'ikiwiki/PageSpec', + safe => 1, + rebuild => 1, + }, + comments_pagename => { + type => 'string', + example => 'comment_', + default => 'comment_', + description => 'Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"', + safe => 0, # manual page moving required + rebuild => undef, + }, + comments_allowdirectives => { + type => 'boolean', + default => 0, + example => 0, + description => 'Interpret directives in comments?', + safe => 1, + rebuild => 0, + }, + comments_allowauthor => { + type => 'boolean', + default => 0, + example => 0, + description => 'Allow anonymous commenters to set an author name?', + safe => 1, + rebuild => 0, + }, + comments_commit => { + type => 'boolean', + example => 1, + default => 1, + description => 'commit comments to the VCS', + # old uncommitted comments are likely to cause + # confusion if this is changed + safe => 0, + rebuild => 0, + }, +} #}}} + +sub htmlize { # {{{ + my %params = @_; + return $params{content}; +} # }}} + +# FIXME: copied verbatim from meta +sub safeurl ($) { #{{{ + my $url=shift; + if (exists $IkiWiki::Plugin::htmlscrubber::{safe_url_regexp} && + defined $IkiWiki::Plugin::htmlscrubber::safe_url_regexp) { + return $url=~/$IkiWiki::Plugin::htmlscrubber::safe_url_regexp/; + } + else { + return 1; + } +} #}}} + +sub preprocess { # {{{ + my %params = @_; + my $page = $params{page}; + + my $format = $params{format}; + if (defined $format && ! exists $IkiWiki::hooks{htmlize}{$format}) { + error(sprintf(gettext("unsupported page format %s"), $format)); + } + + my $content = $params{content}; + if (! defined $content) { + error(gettext("comment must have content")); + } + $content =~ s/\\"/"/g; + + $content = IkiWiki::filter($page, $params{destpage}, $content); + + if ($config{comments_allowdirectives}) { + $content = IkiWiki::preprocess($page, $params{destpage}, + $content); + } + + # no need to bother with htmlize if it's just HTML + $content = IkiWiki::htmlize($page, $params{destpage}, $format, + $content) if defined $format; + + IkiWiki::run_hooks(sanitize => sub { + $content = shift->( + page => $page, + destpage => $params{destpage}, + content => $content, + ); + }); + + # set metadata, possibly overriding [[!meta]] directives from the + # comment itself + + my $commentuser; + my $commentip; + my $commentauthor; + my $commentauthorurl; + + if (defined $params{username}) { + $commentuser = $params{username}; + ($commentauthorurl, $commentauthor) = + linkuser($params{username}); + } + else { + if (defined $params{ip}) { + $commentip = $params{ip}; + } + $commentauthor = gettext("Anonymous"); + } + + $pagestate{$page}{comments}{commentuser} = $commentuser; + $pagestate{$page}{comments}{commentip} = $commentip; + $pagestate{$page}{comments}{commentauthor} = $commentauthor; + $pagestate{$page}{comments}{commentauthorurl} = $commentauthorurl; + if (! defined $pagestate{$page}{meta}{author}) { + $pagestate{$page}{meta}{author} = $commentauthor; + } + if (! defined $pagestate{$page}{meta}{authorurl}) { + $pagestate{$page}{meta}{authorurl} = $commentauthorurl; + } + + if ($config{comments_allowauthor}) { + if (defined $params{claimedauthor}) { + $pagestate{$page}{meta}{author} = $params{claimedauthor}; + } + + if (defined $params{url} and safeurl($params{url})) { + $pagestate{$page}{meta}{authorurl} = $params{url}; + } + } + else { + $pagestate{$page}{meta}{author} = $commentauthor; + $pagestate{$page}{meta}{authorurl} = $commentauthorurl; + } + + if (defined $params{subject}) { + $pagestate{$page}{meta}{title} = $params{subject}; + } + + my $baseurl = urlto($params{destpage}, undef, 1); + my $anchor = ""; + if ($params{page} =~ m/\/(\Q$config{comments_pagename}\E\d+)$/) { + $anchor = $1; + } + $pagestate{$page}{meta}{permalink} = "${baseurl}#${anchor}"; + + eval q{use Date::Parse}; + if (! $@) { + my $time = str2time($params{date}); + $IkiWiki::pagectime{$page} = $time if defined $time; + } + + # FIXME: hard-coded HTML (although it's just to set an ID) + return "<div id=\"$anchor\">$content</div>" if $anchor; + return $content; +} # }}} + +sub checkconfig () { #{{{ + $config{comments_commit} = 1 unless defined $config{comments_commit}; + $config{comments_pagename} = 'comment_' + unless defined $config{comments_pagename}; +} #}}} + +# This is exactly the same as recentchanges_link :-( +sub linkcgi ($) { #{{{ + my $cgi=shift; + if (defined $cgi->param('do') && $cgi->param('do') eq "commenter") { + + my $page=decode_utf8($cgi->param("page")); + if (! defined $page) { + error("missing page parameter"); + } + + IkiWiki::loadindex(); + + my $link=bestlink("", $page); + if (! length $link) { + print "Content-type: text/html\n\n"; + print IkiWiki::misctemplate(gettext(gettext("missing page")), + "<p>". + sprintf(gettext("The page %s does not exist."), + htmllink("", "", $page)). + "</p>"); + } + else { + IkiWiki::redirect($cgi, urlto($link, undef, 1)); + } + + exit; + } +} + +# FIXME: basically the same logic as recentchanges +# returns (author URL, pretty-printed version) +sub linkuser ($) { # {{{ + my $user = shift; + my $oiduser = eval { IkiWiki::openiduser($user) }; + + if (defined $oiduser) { + return ($user, $oiduser); + } + # FIXME: it'd be good to avoid having such a link for anonymous + # posts + else { + return (IkiWiki::cgiurl( + do => 'commenter', + page => (length $config{userdir} + ? "$config{userdir}/$user" + : "$user") + ), $user); + } +} # }}} + +# Mostly cargo-culted from IkiWiki::plugin::editpage +sub sessioncgi ($$) { #{{{ + my $cgi=shift; + my $session=shift; + + my $do = $cgi->param('do'); + return unless $do eq 'comment'; + + IkiWiki::decode_cgi_utf8($cgi); + + eval q{use CGI::FormBuilder}; + error($@) if $@; + + my @buttons = (POST_COMMENT, PREVIEW, CANCEL); + my $form = CGI::FormBuilder->new( + fields => [qw{do sid page subject editcontent type author url}], + charset => 'utf-8', + method => 'POST', + required => [qw{editcontent}], + javascript => 0, + params => $cgi, + action => $config{cgiurl}, + header => 0, + table => 0, + template => scalar IkiWiki::template_params('comments_form.tmpl'), + # wtf does this do in editpage? + wikiname => $config{wikiname}, + ); + + IkiWiki::decode_form_utf8($form); + IkiWiki::run_hooks(formbuilder_setup => sub { + shift->(title => "comment", form => $form, cgi => $cgi, + session => $session, buttons => \@buttons); + }); + IkiWiki::decode_form_utf8($form); + + my $type = $form->param('type'); + if (defined $type && length $type && $IkiWiki::hooks{htmlize}{$type}) { + $type = IkiWiki::possibly_foolish_untaint($type); + } + else { + $type = $config{default_pageext}; + } + my @page_types; + if (exists $IkiWiki::hooks{htmlize}) { + @page_types = grep { ! /^_/ } keys %{$IkiWiki::hooks{htmlize}}; + } + + $form->field(name => 'do', type => 'hidden'); + $form->field(name => 'sid', type => 'hidden', value => $session->id, + force => 1); + $form->field(name => 'page', type => 'hidden'); + $form->field(name => 'subject', type => 'text', size => 72); + $form->field(name => 'editcontent', type => 'textarea', rows => 10); + $form->field(name => "type", value => $type, force => 1, + type => 'select', options => \@page_types); + + $form->tmpl_param(username => $session->param('name')); + + if ($config{comments_allowauthor} and + ! defined $session->param('name')) { + $form->tmpl_param(allowauthor => 1); + $form->field(name => 'author', type => 'text', size => '40'); + $form->field(name => 'url', type => 'text', size => '40'); + } + else { + $form->tmpl_param(allowauthor => 0); + $form->field(name => 'author', type => 'hidden', value => '', + force => 1); + $form->field(name => 'url', type => 'hidden', value => '', + force => 1); + } + + # The untaint is OK (as in editpage) because we're about to pass + # it to file_pruned anyway + my $page = $form->field('page'); + $page = IkiWiki::possibly_foolish_untaint($page); + if (! defined $page || ! length $page || + IkiWiki::file_pruned($page, $config{srcdir})) { + error(gettext("bad page name")); + } + + # FIXME: is this right? Or should we be using the candidate subpage + # (whatever that might mean) as the base URL? + my $baseurl = urlto($page, undef, 1); + + $form->title(sprintf(gettext("commenting on %s"), + IkiWiki::pagetitle($page))); + + $form->tmpl_param('helponformattinglink', + htmllink($page, $page, 'ikiwiki/formatting', + noimageinline => 1, + linktext => 'FormattingHelp'), + allowdirectives => $config{allow_directives}); + + if ($form->submitted eq CANCEL) { + # bounce back to the page they wanted to comment on, and exit. + # CANCEL need not be considered in future + IkiWiki::redirect($cgi, urlto($page, undef, 1)); + exit; + } + + if (not exists $pagesources{$page}) { + error(sprintf(gettext( + "page '%s' doesn't exist, so you can't comment"), + $page)); + } + + if (not pagespec_match($page, $config{comments_open_pagespec}, + location => $page)) { + error(sprintf(gettext( + "comments on page '%s' are closed"), + $page)); + } + + # Set a flag to indicate that we're posting a comment, + # so that postcomment() can tell it should match. + $postcomment=1; + IkiWiki::check_canedit($page, $cgi, $session); + $postcomment=0; + + # FIXME: rather a simplistic way to make the comments... + my $i = 0; + my $file; + my $location; + do { + $i++; + $location = "$page/$config{comments_pagename}$i"; + } while (-e "$config{srcdir}/$location._comment"); + + my $content = "[[!_comment format=$type\n"; + + # FIXME: handling of double quotes probably wrong? + if (defined $session->param('name')) { + my $username = $session->param('name'); + $username =~ s/"/"/g; + $content .= " username=\"$username\"\n"; + } + elsif (defined $ENV{REMOTE_ADDR}) { + my $ip = $ENV{REMOTE_ADDR}; + if ($ip =~ m/^([.0-9]+)$/) { + $content .= " ip=\"$1\"\n"; + } + } + + if ($config{comments_allowauthor}) { + my $author = $form->field('author'); + if (length $author) { + $author =~ s/"/"/g; + $content .= " claimedauthor=\"$author\"\n"; + } + my $url = $form->field('url'); + if (length $url) { + $url =~ s/"/"/g; + $content .= " url=\"$url\"\n"; + } + } + + my $subject = $form->field('subject'); + if (length $subject) { + $subject =~ s/"/"/g; + $content .= " subject=\"$subject\"\n"; + } + + $content .= " date=\"" . decode_utf8(strftime('%Y-%m-%dT%H:%M:%SZ', gmtime)) . "\"\n"; + + my $editcontent = $form->field('editcontent') || ''; + $editcontent =~ s/\r\n/\n/g; + $editcontent =~ s/\r/\n/g; + $editcontent =~ s/"/\\"/g; + $content .= " content=\"\"\"\n$editcontent\n\"\"\"]]\n"; + + # This is essentially a simplified version of editpage: + # - the user does not control the page that's created, only the parent + # - it's always a create operation, never an edit + # - this means that conflicts should never happen + # - this means that if they do, rocks fall and everyone dies + + if ($form->submitted eq PREVIEW) { + my $preview = IkiWiki::htmlize($location, $page, '_comment', + IkiWiki::linkify($page, $page, + IkiWiki::preprocess($page, $page, + IkiWiki::filter($location, + $page, $content), + 0, 1))); + IkiWiki::run_hooks(format => sub { + $preview = shift->(page => $page, + content => $preview); + }); + + my $template = template("comments_display.tmpl"); + $template->param(content => $preview); + $template->param(title => $form->field('subject')); + $template->param(ctime => displaytime(time)); + + $form->tmpl_param(page_preview => $template->output); + } + else { + $form->tmpl_param(page_preview => ""); + } + + if ($form->submitted eq POST_COMMENT && $form->validate) { + my $file = "$location._comment"; + + IkiWiki::checksessionexpiry($session, $cgi->param('sid')); + + # FIXME: could probably do some sort of graceful retry + # on error? Would require significant unwinding though + writefile($file, $config{srcdir}, $content); + + my $conflict; + + if ($config{rcs} and $config{comments_commit}) { + my $message = gettext("Added a comment"); + if (defined $form->field('subject') && + length $form->field('subject')) { + $message = sprintf( + gettext("Added a comment: %s"), + $form->field('subject')); + } + + IkiWiki::rcs_add($file); + IkiWiki::disable_commit_hook(); + $conflict = IkiWiki::rcs_commit_staged($message, + $session->param('name'), $ENV{REMOTE_ADDR}); + IkiWiki::enable_commit_hook(); + IkiWiki::rcs_update(); + } + + # Now we need a refresh + require IkiWiki::Render; + IkiWiki::refresh(); + IkiWiki::saveindex(); + + # this should never happen, unless a committer deliberately + # breaks it or something + error($conflict) if defined $conflict; + + # Bounce back to where we were, but defeat broken caches + my $anticache = "?updated=$page/$config{comments_pagename}$i"; + IkiWiki::redirect($cgi, urlto($page, undef, 1).$anticache); + } + else { + IkiWiki::showform ($form, \@buttons, $session, $cgi, + forcebaseurl => $baseurl); + } + + exit; +} #}}} + +sub pagetemplate (@) { #{{{ + my %params = @_; + + my $page = $params{page}; + my $template = $params{template}; + + if ($template->query(name => 'comments')) { + my $comments = undef; + + my $open = 0; + my $shown = pagespec_match($page, + $config{comments_shown_pagespec}, + location => $page); + + if (pagespec_match($page, "*/$config{comments_pagename}*", + location => $page)) { + $shown = 0; + $open = 0; + } + + if (length $config{cgiurl}) { + $open = pagespec_match($page, + $config{comments_open_pagespec}, + location => $page); + } + + if ($shown) { + $comments = IkiWiki::preprocess_inline( + pages => "internal($page/$config{comments_pagename}*)", + template => 'comments_display', + show => 0, + reverse => 'yes', + page => $page, + destpage => $params{destpage}, + feedfile => 'comments', + emptyfeeds => 'no', + ); + } + + if (defined $comments && length $comments) { + $template->param(comments => $comments); + } + + if ($open) { + my $commenturl = IkiWiki::cgiurl(do => 'comment', + page => $page); + $template->param(commenturl => $commenturl); + } + } + + if ($template->query(name => 'commentuser')) { + $template->param(commentuser => + $pagestate{$page}{comments}{commentuser}); + } + + if ($template->query(name => 'commentip')) { + $template->param(commentip => + $pagestate{$page}{comments}{commentip}); + } + + if ($template->query(name => 'commentauthor')) { + $template->param(commentauthor => + $pagestate{$page}{comments}{commentauthor}); + } + + if ($template->query(name => 'commentauthorurl')) { + $template->param(commentauthorurl => + $pagestate{$page}{comments}{commentauthorurl}); + } +} # }}} + +package IkiWiki::PageSpec; + +sub match_postcomment ($$;@) { + my $page = shift; + my $glob = shift; + + if (! $postcomment) { + return IkiWiki::FailReason->new("not posting a comment"); + } + return match_glob($page, $glob); +} + +1 diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index fe2864bac..e4f0cdac0 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -340,16 +340,7 @@ sub cgi_editpage ($$) { #{{{ else { # save page check_canedit($page, $q, $session); - - # The session id is stored on the form and checked to - # guard against CSRF. But only if the user is logged in, - # as anonok can allow anonymous edits. - if (defined $session->param("name")) { - my $sid=$q->param('sid'); - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } - } + checksessionexpiry($session, $q->param('sid')); my $exists=-e "$config{srcdir}/$file"; diff --git a/debian/changelog b/debian/changelog index 8f5783208..b884dd596 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,6 @@ ikiwiki (2.71) UNRELEASED; urgency=low + * comments: Blog-style comment support, contributed by Simon McVittie. * htmlbalance: New plugin contributed by Simon McVittie. * Change deb dependencies to list Text::Markdown before markdown (really this time). diff --git a/debian/copyright b/debian/copyright index 546836226..b9ea89d81 100644 --- a/debian/copyright +++ b/debian/copyright @@ -112,6 +112,12 @@ Files: google.pm Copyright: Copyright (C) 2008 Peter Simons <simons@cryp.to> License: GPL-2+ +Files: comments.pm +Copyright: + © 2006-2008 Joey Hess <joey@ikiwiki.info> + © 2008 Simon McVittie <http://smcv.pseudorandom.co.uk/> +License: GPL-2+ + Files: doc/logo/* Copyright: © 2006 Recai Oktaş <roktas@debian.org> License: GPL-2+ diff --git a/doc/ikiwiki/pagespec.mdwn b/doc/ikiwiki/pagespec.mdwn index c78666c40..d4dd265cc 100644 --- a/doc/ikiwiki/pagespec.mdwn +++ b/doc/ikiwiki/pagespec.mdwn @@ -47,6 +47,8 @@ Some more elaborate limits can be added to what matches using these functions: wiki admins. * "`ip(address)`" - tests whether a modification is being made from the specified IP address. +* "`postcomment(glob)`" - matches only when comments are being + posted to a page matching the specified glob For example, to match all pages in a blog that link to the page about music and were written in 2005: diff --git a/doc/plugins/anonok.mdwn b/doc/plugins/anonok.mdwn index 2a8a922cd..ab2f744e2 100644 --- a/doc/plugins/anonok.mdwn +++ b/doc/plugins/anonok.mdwn @@ -5,5 +5,10 @@ By default, anonymous users cannot edit the wiki. This plugin allows anonymous web users, who have not signed in, to edit any page in the wiki by default. -The plugin also has a configuration setting, `anonok_pagespec`. This +The plugin also has a configuration setting, `anonok_pages`. This [[PageSpec]] can be used to allow anonymous editing of matching pages. + +If you're using the [[comments]] plugin, you can allow anonymous comments +to be posted by setting: + + anonok_pages => "postcomment(*)" diff --git a/doc/plugins/comments.mdwn b/doc/plugins/comments.mdwn new file mode 100644 index 000000000..fa263ef40 --- /dev/null +++ b/doc/plugins/comments.mdwn @@ -0,0 +1,51 @@ +[[!template id=plugin name=comments author="[[Simon_McVittie|smcv]]"]] +[[!tag type/useful]] + +This plugin adds "blog-style" comments. Unlike the wiki-style freeform +Discussion pages, these comments are posted by a simple form, cannot later +be edited, and rss/atom feeds are provided of each page's comments. + +When using this plugin, you should also enable [[htmlscrubber]] and either +[[htmltidy]] or [[htmlbalance]]. Directives are filtered out by default, to +avoid commenters slowing down the wiki by causing time-consuming +processing. As long as the recommended plugins are enabled, comment +authorship should hopefully be unforgeable by CGI users. + +The intention is that on a non-wiki site (like a blog) you can lock all +pages for admin-only access, then allow otherwise unprivileged (or perhaps +even anonymous) users to comment on posts. See the documentation of the +[[lockedit]] and [[anonok]] pages for details on locking down a wiki so +users can only post comments. + +Individual comments are stored as internal-use pages named something like +`page/comment_1`, `page/comment_2`, etc. These pages internally use a +`\[[!_comment]]` [[ikiwiki/directive]]. + +There are some global options for the setup file: + +* `comments_shown_pagespec`: pages where comments will be displayed inline, + e.g. `blog/*` or `!*/discussion`. +* `comments_open_pagespec`: pages where new comments can be posted, e.g. + `blog/* and created_after(close_old_comments)` or `!*/discussion` +* `comments_pagename`: if this is e.g. `comment_` (the default), then + comment pages will be named something like `page/comment_12` +* `comments_allowdirectives`: if true (default false), comments may + contain IkiWiki [[directives|ikiwiki/directive]] +* `comments_commit`: if true (default true), comments will be committed to + the version control system +* `comments_allowauthor`: if true (default false), anonymous commenters may + specify a name for themselves, and the \[[!meta author]] and + \[[!meta authorurl]] directives will not be overridden by the comments + plugin + +Known issues: + +* Needs code review +* The access control via postcomment() is rather strange (see [[discussion]] for more details) +* There is some common code cargo-culted from other plugins (notably inline and editpage) which + should probably be shared +* Joey doesn't think it should necessarily use internal pages (see [[discussion]]) +* Previews always say "unknown IP address" +* Add `COMMENTOPENID`: the authenticated/verified user name, if and only if it was an OpenID +* The default template should have a (?) icon next to unauthenticated users (with the IP address + as title) and an OpenID icon next to OpenIDs diff --git a/doc/plugins/contrib/comments/discussion.mdwn b/doc/plugins/comments/discussion.mdwn index 59740ec37..59740ec37 100644 --- a/doc/plugins/contrib/comments/discussion.mdwn +++ b/doc/plugins/comments/discussion.mdwn diff --git a/doc/plugins/contrib/comments.mdwn b/doc/plugins/contrib/comments.mdwn deleted file mode 100644 index d2ca8d17d..000000000 --- a/doc/plugins/contrib/comments.mdwn +++ /dev/null @@ -1,91 +0,0 @@ -[[!template id=plugin name=comments author="[[Simon_McVittie|smcv]]"]] -[[!tag type/useful]] - -This plugin adds "blog-style" comments. The intention is that on a non-wiki site -(like a blog) you can lock all pages for admin-only access, then allow otherwise -unprivileged (or perhaps even anonymous) users to comment on posts. - -When using this plugin, you should also enable [[htmlscrubber]] and either [[htmltidy]] -or [[htmlbalance]]. Directives are filtered out by default, to avoid commenters slowing -down the wiki by causing time-consuming processing. As long as the recommended plugins -are enabled, comment authorship should hopefully be unforgeable by CGI users. - -The plugin adds a new [[ikiwiki/PageSpec]] match type, `postcomment`, for use -with `anonok_pagespec` from the [[plugins/anonok]] plugin or `locked_pages` from -the [[plugins/lockedit]] plugin. Typical usage would be something like: - - locked_pages => "!postcomment(*)" - -to allow non-admin users to comment on pages, but not edit anything. You can also do - - anonok_pages => "postcomment(*)" - -to allow anonymous comments (the IP address will be used as the "author"). - -There are some global options for the setup file: - -* `comments_shown_pagespec`: pages where comments will be displayed inline, e.g. `blog/*` - or `*/discussion`. -* `comments_open_pagespec`: pages where new comments can be posted, e.g. - `blog/* and created_after(close_old_comments)` or `*/discussion` -* `comments_pagename`: if this is e.g. `comment_` (the default), then comments on the - [[sandbox]] will be called something like `sandbox/comment_12` -* `comments_allowdirectives`: if true (default false), comments may contain IkiWiki - directives -* `comments_commit`: if true (default true), comments will be committed to the version - control system -* `comments_allowauthor`: if true (default false), anonymous commenters may specify a - name for themselves, and the \[[!meta author]] and \[[!meta authorurl]] directives - will not be overridden by the comments plugin - -Templates that will display comments (by default that means `comments_display.tmpl`) -can use the following additional `<TMPL_VAR>`s: - -* `COMMENTUSER`: the authenticated/verified user name, or undefined if the user was not signed in -* `COMMENTIP`: the remote IP address, or undefined if not known (this is not currently recorded - for users who are signed in, who are assumed to be vaguely accountable) -* `COMMENTAUTHOR`: a "prettier" version of the authenticated/verified user name (e.g. OpenIDs are - formatted the same way as in [[RecentChanges]]), or the result of localizing "Anonymous" if the - user was not signed in -* `COMMENTAUTHORURL`: if the user was signed in with an OpenID, that URL; if the user was signed - in with some other username, a CGI URL that redirects to their user page (if any) - -This plugin also adds a `\[[!_comment]]` directive which is used when storing comments. This -directive is for internal use only and shouldn't be used on pages that are edited in the usual way. - -This plugin aims to close the [[todo]] item "[[todo/supporting_comments_via_disussion_pages]]", -and is currently available from [[smcv]]'s git repository on git.pseudorandom.co.uk (it's the -`comments-rebase2` branch). A demo wiki with the plugin enabled is running at -<http://www.pseudorandom.co.uk/2008/ikiwiki/demo/>; the -[sandbox page](http://www.pseudorandom.co.uk/2008/ikiwiki/demo/sandbox/#comments) has some -examples of comments. - -Known issues: - -* Needs code review -* The access control via postcomment() is rather strange (see [[discussion]] for more details) -* There is some common code cargo-culted from other plugins (notably inline and editpage) which - should probably be shared -* Joey doesn't think it should necessarily use internal pages (see [[discussion]]) -* Previews always say "unknown IP address" -* Add `COMMENTOPENID`: the authenticated/verified user name, if and only if it was an OpenID -* The default template should have a (?) icon next to unauthenticated users (with the IP address - as title) and an OpenID icon next to OpenIDs - -> I haven't done a detailed code review, but I will say I'm pleased you -> avoided re-implementing inline! --[[Joey]] - -Fixed issues: - -* Joey didn't think the `\[[!comments]]` directive was appropriate; comments now appear - on pages selected with a [[ikiwiki/pagespec]] -* Joey thought that raw HTML should always be allowed; it now is -* tbm wanted anonymous people to be able to enter their name and possibly email - address; a name and website can now be supplied -* There is now an indication of who you're signed in as -* Each comment is now one big \[[!_comment]] directive invocation, avoiding previous - issues with unambiguous and un-spoofable metadata -* `\[[!comment]]` should be `\[[!_comment]]`, or a special filter/htmlize hook rather - than being a directive at all -* [[todo/inline_plugin:_ability_to_override_the_feed_name]] -* [[todo/inline_plugin:_hide_feed_buttons_if_empty]] diff --git a/doc/plugins/lockedit.mdwn b/doc/plugins/lockedit.mdwn index 71bf232ab..d2e98e07a 100644 --- a/doc/plugins/lockedit.mdwn +++ b/doc/plugins/lockedit.mdwn @@ -17,6 +17,10 @@ One handy thing to do if you're using ikiwiki for your blog is to lock posts in your blog, while still letting them comment via the Discussion pages. +Alternatively, if you're using the [[comments]] plugin, you can lock +"!postcomment(*)" to allow users to comment on pages, but not edit anything +else. + Wiki administrators can always edit locked pages. The [[ikiwiki/PageSpec]] can specify that some pages are not locked for some users. For example, "important_page and !user(joey)" locks `important_page` while still diff --git a/doc/style.css b/doc/style.css index 5787ef65e..70f31d325 100644 --- a/doc/style.css +++ b/doc/style.css @@ -12,7 +12,7 @@ display: block; } -.author { +.inlineheader .author { margin: 0; font-size: 18px; font-weight: bold; @@ -372,3 +372,8 @@ legend { span.color { padding: 2px; } + +.comments-display .author { font-weight: bold; } +.comments-display { border: 1px inset #999; margin: 3px; padding: 3px; } +.comments-header { font-style: italic; } +.comments-subject { font-weight: bold; border-bottom: 1px solid #999; } diff --git a/doc/wikitemplates.mdwn b/doc/wikitemplates.mdwn index babd70211..6fb4d5f49 100644 --- a/doc/wikitemplates.mdwn +++ b/doc/wikitemplates.mdwn @@ -29,6 +29,10 @@ located in /usr/share/ikiwiki/templates by default. form to wiki pages. * `searchquery.tmpl` - This is an omega template, used by the [[plugins/search]] plugin. +* `comments_display.tmpl` - This template is used to display a comment + by the [[plugins/comments]] plugin. +* `comments_form.tmpl` - This template is the comment post form for the + [[plugins/comments]] plugin. The [[plugins/pagetemplate]] plugin can allow individual pages to use a different template than `page.tmpl`. diff --git a/templates/comments_display.tmpl b/templates/comments_display.tmpl new file mode 100644 index 000000000..bc4b70273 --- /dev/null +++ b/templates/comments_display.tmpl @@ -0,0 +1,36 @@ +<div class="comments-display"> + +<div class="comments-header"> +Posted by +<TMPL_IF NAME="COMMENTUSER"> +<span class="author"> +<TMPL_IF NAME="COMMENTAUTHORURL"> +<a href="<TMPL_VAR NAME=COMMENTAUTHORURL>"><TMPL_VAR NAME=COMMENTAUTHOR></a> +<TMPL_ELSE> +<TMPL_VAR NAME=AUTHOR> +</TMPL_IF> +</span> +<TMPL_ELSE> +<TMPL_IF NAME=COMMENTIP> +<span class="author"> +<TMPL_VAR NAME=COMMENTIP> +</span> +<TMPL_ELSE> +unknown IP address +</TMPL_IF> + +<TMPL_IF NAME=AUTHOR> +(<span class="claimedauthor"><TMPL_IF NAME="AUTHORURL"><a href="<TMPL_VAR NAME=AUTHORURL>"><TMPL_VAR NAME=AUTHOR></a><TMPL_ELSE><TMPL_VAR NAME=AUTHOR></TMPL_IF></span>) +</TMPL_IF> +</TMPL_IF> + +(<TMPL_VAR CTIME>) +</div> + +<div class="comments-subject"><TMPL_VAR TITLE></div> + +<div class="inlinecontent"> +<TMPL_VAR CONTENT> +</div> + +</div><!--.comments-display--> diff --git a/templates/comments_form.tmpl b/templates/comments_form.tmpl new file mode 100644 index 000000000..9a9455f99 --- /dev/null +++ b/templates/comments_form.tmpl @@ -0,0 +1,34 @@ +<div class="comments-form"> +<TMPL_VAR MESSAGE> +<TMPL_VAR FORM-START> +<TMPL_VAR FIELD-DO> +<TMPL_VAR FIELD-SID> +<TMPL_VAR FIELD-PAGE> +<TMPL_IF NAME=USERNAME> +Signed in as <TMPL_VAR NAME=USERNAME ESCAPE=HTML><br /> +<TMPL_ELSE> +<TMPL_IF NAME=ALLOWAUTHOR> +Name: <TMPL_VAR NAME=FIELD-AUTHOR> (optional)<br /> +Website: <TMPL_VAR NAME=FIELD-URL> (optional)<br /> +</TMPL_IF> +</TMPL_IF> +Subject: <TMPL_VAR FIELD-SUBJECT><br /> +<TMPL_VAR FIELD-EDITCONTENT><br /> +Page type: <TMPL_VAR FIELD-TYPE><br /> +<TMPL_VAR FORM-SUBMIT><br /> +<TMPL_VAR HELPONFORMATTINGLINK><br /> +A subset of HTML is allowed.<br /> +IkiWiki directives ([[!directive]]) are <TMPL_UNLESS NAME="ALLOWDIRECTIVES">not </TMPL_UNLESS>allowed in comments on this wiki.<br /> +<TMPL_VAR NAME="FORM-END"> + +<TMPL_IF NAME="PAGE_PREVIEW"> +<hr /> +<div class="header"> +<span>Comment preview:</span> +</div><!-- .header --> +<div id="preview"> +<TMPL_VAR PAGE_PREVIEW> +</div><!-- #preview --> +</TMPL_IF> + +</div><!-- .comments-form --> diff --git a/templates/page.tmpl b/templates/page.tmpl index 8c2ca668f..ea50fb722 100644 --- a/templates/page.tmpl +++ b/templates/page.tmpl @@ -67,6 +67,22 @@ <TMPL_VAR CONTENT> </div> +<TMPL_IF COMMENTS> +<div id="comments"> +<TMPL_VAR COMMENTS> +</div> + +<TMPL_UNLESS COMMENTURL> +<div class="addcomment">Comments on this page are closed.</div> +</TMPL_UNLESS> +</TMPL_IF> + +<TMPL_IF COMMENTURL> +<div class="addcomment"> +<a href="<TMPL_VAR COMMENTURL>">Add a comment</a> +</div> +</TMPL_IF> + <div id="footer" class="pagefooter"> <div id="pageinfo"> |