summaryrefslogtreecommitdiff
path: root/IkiWiki/CGI.pm
AgeCommit message (Collapse)Author
2007-02-15* Many changes to make ikiwiki very resistant to write failuresjoey
including out of disk space situations. ikiwiki should never leave truncated files, and if the error occurs during a web-based file edit, the user will be given an opportunity to retry. Inspired by the many ways Moin Moin destroys itself when out of disk. :-) * Fix syslogging of errors.
2007-02-10* Fix a security hole that allowed a web user to edit images and otherjoey
non-page format files in the wiki. To exploit this, the file already had to exist in the wiki, and the web user would need to somehow use the web based editor to replace it with malicious content. (Sorry Josh, this means you can't edit style.css directly anymore, although I do appreciate your fixes, actually..)
2007-02-02* Add canedit hook, allowing arbitrary controls over when a page can bejoey
edited. * Move code forcing signing before edit to a new "signinedit" plugin, and code checking for locked pages into a new "lockedit" plugin. Both are enabled by default. * Remove the anonok config setting. This is now implemented by a new "anonok" plugin. Anyone with a wiki allowing anonymous edits should change their configs to enable this new plugin. * Add an opendiscussion plugin that allows anonymous users to edit discussion pages, on a wiki that is otherwise wouldn't allow it. * Lots of CGI code reorg and cleanup.
2007-01-28* Always call rcs_update after a commit during a web edit, to work aroundjoey
the problem described in bugs/svn_fails_to_update. Thanks to Ethan for the analysis and patch.
2007-01-14* Change the RecentChanges page to show the path of changed pages.joey
2007-01-12Improve error message when postsignin (probably from openid) fails due tojoey
cookies not being enabled. Adds a new translatable string..
2007-01-12* Search in default location for templates as a fallback when templatedir isjoey
pointed elsewhere, so that only modified templates need to be copied into a templatedir. Based on work by JeremyReed.
2007-01-04added some comments for translatorsjoey
2007-01-03* Corrected a bum regexp in openid munging.joey
2006-12-31deal with http:// partjoey
2006-12-31* Escape shashes in page titles entered in the blog post form.joey
* Munge openids of the form somehost.com/user (trial, may revert)
2006-12-29* If a userdir is configured, links to pages in it can be made withoutjoey
specifying the path. This allows for easy signing of comments by linking to your page in the userdir.
2006-12-29* Initial work on internationalization of the program code. po/ikiwiki.potjoey
is available for translation. * Export gettext() from IkiWiki module.
2006-12-21* Turn $config{wiki_file_prune_regexps} into an array that is easier tojoey
manipulate. * Only exclude rss and atom files from processing if the inline plugin is enabled and that feed type is enabled. Else it's just a copyable file type. * Move rss and atom option handling code into the inline plugin. * Applied a rather old patch from Recai to fix the "pruning is too strict" issue. Now you can have wiki source directories inside dotdirs and the like, if you want.
2006-12-19* Add userdir config setting.joey
2006-12-02* The hack used to make the pagetemplate hook have access to the editpagejoey
template won't work with CGI::FormBuilder 3.0401, so disable it for now. * CGI::FormBuilder 3.0401 seems to work ok now with ikiwiki, although there might still be bugs lurking..
2006-11-26session improvementsjoey
2006-11-22updatesjoey
2006-11-21improvejoey
2006-11-21improve regexpjoey
2006-11-21formattingjoey
2006-11-20improvementjoey
2006-11-20* Add "last" parameter to hook function. Very basic ordering, and hopefullyjoey
nothing more spohisticated will be needed. * Add formbuilder_setup and formbuilder hooks. * Split out a passwordauth module, that holds all the traditional password based authentication etc code. It's enabled by default, but can be disabled if you want only openid or some other auth method.
2006-11-20* Avoid locking the wiki at all when handling some basic cgi stuffjoey
(searches, recentchanges).
2006-11-20increase field widthsjoey
2006-11-20* Add openidsignup config option.joey
* Make the openid plugin support the callbacks from myopenid.com via its affiliate program. * Change how post signin actions are propigated through the signin process; they're now stored in the session.
2006-11-20minor improvementsjoey
2006-11-20explanationjoey
2006-11-20* Add an openid plugin to support logging in using OpenID.joey
* Web commits by OpenID users will record the full OpenID url for the user, but in recentchanges, these urls will be converted to a simplified display form+link. * Modified svn, git, tla backends to recognise such web commits.
2006-11-20* Make auth methods pluggable.joey
* Move httpauth support to a plugin. * Add an openid plugin to support logging in using OpenID.
2006-11-10fixesjoey
2006-11-10* Work around a strange bug in CGI::FormBuilder 3.0401 that makesjoey
FORM-SUBMIT unusable on customised formbuilder templates. For now, hardcode the submit buttons in editpage.tmpl instead of using the template variable, which is ok, since the buttons are static.
2006-11-08* Make sure to check for errors from every eval.joey
2006-11-08* Enable utf8 file IO in aggregate plugin.joey
* Fix some issues with the new registration form.
2006-10-30* Improve login/register process, the login dialog has only name andjoey
password fields, which allows more web browsers to regognise it as a login field, and is less confusing.
2006-10-28delete sessionjoey
2006-10-28* Add basic spam fighting tool for admins: An admin's prefs page now allowsjoey
editing a list of banned users who are not allowed to log in.
2006-10-14* Patch from Recai to limit recentchanges to displaying max 10 files for ajoey
given changeset (to avoid large number of file changes excessively bloating the page).
2006-10-08* Atom feed support based on a patch by Clint Adams.joey
* Add feeds=no option to inline preprocessor directive to turn off all types of feeds. feeds=rss will still work, and feeds=atom was also added, for fine control. * $IkiWiki::version now holds the program version, and is accessible to plugins.
2006-10-02* Patch from Alec Berryman adding a http_auth config item that allowsjoey
using HTTP Authentication instead of ikiwiki's built in authentication. Useful for eg, large sites with their own previously existing user auth setup. Closes: #384534
2006-09-16 * Patch from James Westby to deal with the case where you're editing ajoey
new page, hit cancel, and need to be redirected to somewhere sane.
2006-09-16* pagetemplate hooks are now also called when generating cgi pages.joey
* Add a favicon plugin, which simply adds a link tag for an icon to each page (and cgis).
2006-09-11* Patch from Recai to kill utf-8 on the wiki name when generating thejoey
session cookie.
2006-09-09* Work on firming up the plugin interface:joey
- Plugins should not need to load IkiWiki::Render to get commonly used functions, so moved some functions from there to IkiWiki. - Picked out the set of functions and variables that most plugins use, documented them, and made IkiWiki export them by default, like a proper perl module should. - Use the other functions at your own risk. - This is not quite complete, I still have to decide whether to export some other things. * Changed all plugins included in ikiwiki to not use "IkiWiki::" when referring to stuff now exported by the IkiWiki module. * Anyone with a third-party ikiwiki plugin is strongly enrouraged to make like changes to it and avoid use of non-exported symboles from "IkiWiki::". * Link debian/changelog and debian/news to NEWS and CHANGELOG. * Support hyperestradier version 1.4.2, which adds a new required phraseform setting.
2006-09-06need to import escapeHTMLjoey
2006-09-06escaping fix from Emanuele Ainajoey
2006-09-03* Simplify the data structure returned by rcs_recentchanges to avoidjoey
each rcs plugin needing to form complex strings on its own.
2006-08-28* Change htmlize, format, and sanitize hooks to use named parameters.joey
2006-08-27* Patch from James Westby to add a --sslcookie switch, which forcesjoey
cookies to only be sent over ssl connections to avoid interception. * Factor out the cgi header printing code into a new function. * Fix preferences page on anonok wikis; still need to sign in to get to the preferences page.
2006-08-23* Change order of linkify and preprocess; first preprocess and then linkify.joey
This allows passing a wikilink inside a parameter to a preprocessor directive without it being expanded to html, and leaking out of the parameter, which had required some non-obvious use of triple-quoting to avoid. Note that any preprocessor plugins that output something that looks like a wikilink will now have it treated as such; AFAIK this doesn't change any behavior though except for the template plugin. * Enable preprocessor directives when previewing an edit.