diff options
Diffstat (limited to 'IkiWiki')
| -rw-r--r-- | IkiWiki/CGI.pm | 11 | ||||
| -rw-r--r-- | IkiWiki/Plugin/editdiff.pm | 2 | ||||
| -rw-r--r-- | IkiWiki/Plugin/inline.pm | 8 | ||||
| -rw-r--r-- | IkiWiki/Render.pm | 2 |
4 files changed, 11 insertions, 12 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index 07e92322f..99cead64f 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -301,10 +301,9 @@ sub cgi_editpage ($$) { #{{{ }); decode_form_utf8($form); - # This untaint is safe because titlepage removes any problematic - # characters. + # This untaint is safe because we check file_pruned. my $page=$form->field('page'); - $page=titlepage(possibly_foolish_untaint($page)); + $page=possibly_foolish_untaint($page); if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) { error("bad page name"); @@ -354,7 +353,7 @@ sub cgi_editpage ($$) { #{{{ $form->field(name => "from", type => 'hidden'); $form->field(name => "rcsinfo", type => 'hidden'); $form->field(name => "subpage", type => 'hidden'); - $form->field(name => "page", value => pagetitle($page, 1), force => 1); + $form->field(name => "page", value => $page, force => 1); $form->field(name => "type", value => $type, force => 1); $form->field(name => "comments", type => "text", size => 80); $form->field(name => "editcontent", type => "textarea", rows => 20, @@ -486,8 +485,8 @@ sub cgi_editpage ($$) { #{{{ $form->tmpl_param("page_select", 1); $form->field(name => "page", type => 'select', - options => [ map { pagetitle($_, 1) } @editable_locs ], - value => pagetitle($best_loc, 1)); + options => [ map { [ $_, pagetitle($_, 1) ] } @editable_locs ], + value => $best_loc); $form->field(name => "type", type => 'select', options => \@page_types); $form->title(sprintf(gettext("creating %s"), pagetitle($page))); diff --git a/IkiWiki/Plugin/editdiff.pm b/IkiWiki/Plugin/editdiff.pm index b8ecaa3d7..d45c73e8f 100644 --- a/IkiWiki/Plugin/editdiff.pm +++ b/IkiWiki/Plugin/editdiff.pm @@ -50,7 +50,7 @@ sub formbuilder_setup { #{{{ return if $form->field("do") ne "edit"; - $page = IkiWiki::titlepage(IkiWiki::possibly_foolish_untaint($page)); + $page = IkiWiki::possibly_foolish_untaint($page); return unless exists $pagesources{$page}; push @{$params{buttons}}, "Diff"; diff --git a/IkiWiki/Plugin/inline.pm b/IkiWiki/Plugin/inline.pm index 344620ebe..8890e5ed0 100644 --- a/IkiWiki/Plugin/inline.pm +++ b/IkiWiki/Plugin/inline.pm @@ -70,12 +70,12 @@ sub sessioncgi () { #{{{ my $session=shift; if ($q->param('do') eq 'blog') { - my $page=decode_utf8($q->param('title')); - $page=~s/\///g; # no slashes in blog posts + my $page=IkiWiki::titlepage(decode_utf8($q->param('title'))); + $page=~s/(\/)/"__".ord($1)."__"/eg; # don't create subdirs # if the page already exists, munge it to be unique my $from=$q->param('from'); my $add=""; - while (exists $IkiWiki::pagecase{lc($from."/".IkiWiki::titlepage($page).$add)}) { + while (exists $IkiWiki::pagecase{lc($from."/".$page.$add)}) { $add=1 unless length $add; $add++; } @@ -278,7 +278,7 @@ sub preprocess_inline (@) { #{{{ } if (length $config{cgiurl} && defined $type) { $template->param(have_actions => 1); - $template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1))); + $template->param(editurl => cgiurl(do => "edit", page => $page)); } } diff --git a/IkiWiki/Render.pm b/IkiWiki/Render.pm index 5184be2df..c241fd40b 100644 --- a/IkiWiki/Render.pm +++ b/IkiWiki/Render.pm @@ -80,7 +80,7 @@ sub genpage ($$) { #{{{ my $actions=0; if (length $config{cgiurl}) { - $template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1))); + $template->param(editurl => cgiurl(do => "edit", page => $page)); $template->param(prefsurl => cgiurl(do => "prefs")); $actions++; } |