Age | Commit message (Collapse) | Author |
|
The locked pages configuration is moving to a locked_pages option in the
setup file, and the allowed attachments configuration to
allowed_attachments. The admin prefs page can still be used for these, but
that's depreacted and will only be shown if there's currently a value.
|
|
They were a bit confusing, since they did not actually set the default, and
example values are sufficient.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
to avoid confusion.
|
|
|
|
|
|
Other plugins will need to use this.
|
|
|
|
This is truely horribly disgusting. CGI::tmpFileName, in current perls, is
an undocumented function (which should be a clue..) that takes the original
filename of an uploaded attachment, and returns the name of the tempfile
that CGI has stored it in.
In old perls, though, CGI::tmpFileName does not take a filename. It takes
a key from the object's {'.tmpfiles'} hash. This key is something
crazy like '*Fh::fh00001group' -- apparently the stringification of a
filehandle object.
Just to add to the fun, tmpFileName doesn't take the key, it expects a
refernce to the key. Argh?!
But the fun doesn't stop there, because in perl 5.8, CGI.pm is also broken
in two other ways. The upload() method is supposed to return a filehandle
to the temp file. It doesn't. The param() method is supposed to return
a filehandle to the temp file, that stringifies to the original filename.
It returns just the original filename, no filehandle.
Combine all these bugs, and you end up with this disgusting commit. Since
I have no way to get the filehandle, I *need* to get the tempfile name.
If I had the filehandle, I could probably pass it into tmpFileName, and
it might strigify to the right key name. But I don't, so the only way to
determine the key is to grub through the .tmpfiles hash ourselves.
And finally, one the temp file name is discovered, a filehandle can finally
be obtained by (re)opening it.
I recommend that this commit be reverted when perl 5.8 is a mercifully
faded memory.
I'm really, really, really glad I'm actually being paid for working on
this right now!
|
|
This is the default in unstable's formbuilder, but not in stable's,
and CGI multipart is needed for fule uploads.
|
|
|
|
|
|
open the temp file if all attempts to get a fd fail
|
|
|
|
currently has no attachments.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A user might specify an attachment, but not click the upload button,
and just save the whole page instead.
|
|
|
|
|
|
|
|
Make it a config setting, this way subtle load order issues don't come into
play. (As much?)
|
|
|
|
Put the attachment in a subdir of the page it's attached to,
unless that page is an "index" page.
|
|
canedit should fail first as it's a less expensive and harder to pass test
|
|
Needed to prevent uploads of locked pages as attachments.
|
|
|
|
|
|
|
|
|
|
|
|
Currently includes UI, and a few tests of the attachment, as well as the
framework to extend pagespecs to test attachments. Does not actually save
the file yet.
|