summaryrefslogtreecommitdiff
path: root/IkiWiki/CGI.pm
diff options
context:
space:
mode:
Diffstat (limited to 'IkiWiki/CGI.pm')
-rw-r--r--IkiWiki/CGI.pm11
1 files changed, 7 insertions, 4 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index b884a32f2..aeccd31ac 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -286,9 +286,10 @@ sub cgi_prefs ($$) { #{{{
}
} #}}}
-sub cgi_editpage ($$) { #{{{
+sub cgi_editpage ($$;$) { #{{{
my $q=shift;
my $session=shift;
+ my $blogpost=shift;
my @fields=qw(do rcsinfo subpage from page type editcontent comments
newfile);
@@ -322,6 +323,9 @@ sub cgi_editpage ($$) { #{{{
# characters.
my ($page)=$form->field('page');
$page=titlepage(possibly_foolish_untaint($page));
+ if ($blogpost) {
+ $page=~s/(\/)/"__".ord($1)."__"/eg;
+ }
if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
error("bad page name");
}
@@ -682,7 +686,6 @@ sub cgi (;$$) { #{{{
}
elsif ($do eq 'blog') {
my $page=decode_utf8($q->param('title'));
- $page=~s/\// /g; # remove slashes to avoid accidental subpages
# if the page already exists, munge it to be unique
my $from=$q->param('from');
my $add="";
@@ -691,9 +694,9 @@ sub cgi (;$$) { #{{{
$add++;
}
$q->param('page', $page.$add);
- # now run same as create
+ # now run same as create, except escape slashes too
$q->param('do', 'create');
- cgi_editpage($q, $session);
+ cgi_editpage($q, $session, 1);
}
elsif ($do eq 'postsignin') {
error(gettext("login failed, perhaps you need to turn on cookies?"));
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-26 15:15:20 +0000