summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-12-12Merge branch 'master' into commentsJoey Hess
2008-12-12meta: Pass info to htmlscrubber so htmlscrubber_skip can take effect.Joey Hess
2008-12-12Another TODO itemhttp://smcv.pseudorandom.co.uk/
2008-12-12update with some more code improvementshttp://smcv.pseudorandom.co.uk/
2008-12-12comments: Store dates in GMT and in ISO-8601Simon McVittie
The [[!_comment]] directive is a serialization format, not something for presentation to users, so we should use the least ambiguous possible representation.
2008-12-12(no commit message)http://john.choffee.co.uk/
2008-12-12adding setup notejustin
2008-12-11Fix too much quoting.tschwinge
2008-12-11Fix cut'n'past-o.tschwinge
2008-12-11simplifiy logicJoey Hess
2008-12-11comments: Change internal-use-only directive from [[!comment]] to [[!_comment]]Simon McVittie
2008-12-11comments: Use new feedfile, emptyfeeds options to inlineSimon McVittie
2008-12-11comments: don't interpolate IP into anonymous user's "name"Simon McVittie
If an admin wants the IP in the comment display template they can still get it (the default template shows it).
2008-12-11comments_display.tmpl: use less nice formatting to avoid whitespace in outputSimon McVittie
2008-12-11comments_display.tmpl: preferentially use confirmed username, but fall back ↵Simon McVittie
to claimed author if unauthenticated This still isn't quite right (it displays the IP address twice if the user doesn't specify a name).
2008-12-11comments: fix invocation of possibly_foolish_untaintSimon McVittie
2008-12-11comments_form.tmpl: show labels for name, websiteSimon McVittie
2008-12-11comments: avoid warning if there's no subjectSimon McVittie
2008-12-11comments: Optionally allow anonymous commenters to set their name/URL.Simon McVittie
Also provide a way for the comment template to pick up the verified username/IP.
2008-12-11comments: Remove some dead codeSimon McVittie
2008-12-11comments: rename main field to "editcontent" consistent with editpageSimon McVittie
This has the side-effect that Ikiwiki's default style.css gives the text box 100% width.
2008-12-11comments: instead of hard-coding mdwn, allow any supported page formatSimon McVittie
2008-12-11comments: Save comments as a file with one big [[!comment]] directive.Simon McVittie
This delays all comment formatting until the last possible time, allows us to set metadata without worrying that commenters may be able to evade it, and means that changes to how a comment is saved can be handled gracefully. It also gives us somewhere to put the commenter's username or IP address for later reference.
2008-12-11Remove dead code for preprocessing [[!comments]]Simon McVittie
2008-12-11comments: Duplicate logic and CGI hook from recentchanges to link user pages ↵Simon McVittie
correctly
2008-12-11Qualify name of formattime() correctlySimon McVittie
2008-12-11Delay checking for session expiry til we actually post a commentSimon McVittie
2008-12-11comments: record the time at which each comment was postedSimon McVittie
2008-12-11comments: Use a checkconfig hook to get the default value of comments_pagenameSimon McVittie
2008-12-11Remove comments_embed.tmpl (no longer needed)Simon McVittie
2008-12-11comments: render comments/commenturl in page.tmplSimon McVittie
2008-12-11comments: use global config to decide whether commenting is allowed, and for ↵Simon McVittie
name of page Also: * decide comment page name sooner * set permalink on it
2008-12-11comments: use global configuration for allow_directives, commit, and pagenameSimon McVittie
2008-12-11comments: Add some global configurationSimon McVittie
2008-12-11comments: make preprocess a no-opSimon McVittie
2008-12-11page.tmpl: optionally include "add comment" linkSimon McVittie
2008-12-11comments_comment.tmpl: allow permalink, anchor to be passed inSimon McVittie
2008-12-11comments: document what linkuser doesSimon McVittie
2008-12-11comments: add a stub pagetemplate hook to show the commentsSimon McVittie
2008-12-11comments: Use HTML entities to escape directivesSimon McVittie
2008-12-11Embed comments into comments_embed.tmpl rather than concatenating in perlSimon McVittie
2008-12-11comments_embed.tmpl: include the inlined comments if presentSimon McVittie
2008-12-11comments: use CGI module's checksessionexpirySimon McVittie
2008-12-11editpage: factor out checksessionexpiry into IkiWiki::CGISimon McVittie
2008-12-11Add comments to page.tmplSimon McVittie
2008-12-11htmlbalance: don't compact whitespace, and set misc other optionsSimon McVittie
Not compacting whitespace is the most important one: now that we run sanitize hooks on individual posted comments in the comments plugin, whitespace that is significant to Markdown (but not HTML) is lost.
2008-12-11comments: remove allowhtml option, just switch it on all the timeSimon McVittie
Now that posts are individually sanitized, that should be safe.
2008-12-11comments: load inline and mdwn lazilySimon McVittie
2008-12-11comments: don't rely on mdwn getting loaded firstSimon McVittie
2008-12-11comments: sanitize the body of each comment before posting itSimon McVittie
This should ensure that users can't "break out" from the enclosing <div>, making it impossible to forge comments (assuming htmlscrubber is enabled, and so is either htmlbalance or htmltidy).
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-08 12:41:16 +0000