Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-12-17 | checksessionexpiry: rework | Joey Hess | |
This function as factored out was a bit confusing, I think this makes more sense. | |||
2008-12-12 | elide unnecessary variables | Joey Hess | |
2008-12-12 | remove fixme | Joey Hess | |
sessioncgi hooks are always called with the wiki locked | |||
2008-12-12 | fix redefinition of $author | Joey Hess | |
2008-12-12 | move related code together | Joey Hess | |
2008-12-12 | whitespace | Joey Hess | |
2008-12-12 | don't explicitly use inline | Joey Hess | |
loadplugin("inline") should take care of that | |||
2008-12-12 | avoid unnecessary variable | Joey Hess | |
2008-12-12 | get rid of the [postcomment] hack | Joey Hess | |
I think that using a flag variable is sorta cleaner. (This is untested.) | |||
2008-12-12 | move getsetup to usual place | Joey Hess | |
2008-12-12 | comments: Store dates in GMT and in ISO-8601 | Simon McVittie | |
The [[!_comment]] directive is a serialization format, not something for presentation to users, so we should use the least ambiguous possible representation. | |||
2008-12-11 | comments: Change internal-use-only directive from [[!comment]] to [[!_comment]] | Simon McVittie | |
2008-12-11 | comments: Use new feedfile, emptyfeeds options to inline | Simon McVittie | |
2008-12-11 | comments: don't interpolate IP into anonymous user's "name" | Simon McVittie | |
If an admin wants the IP in the comment display template they can still get it (the default template shows it). | |||
2008-12-11 | comments: fix invocation of possibly_foolish_untaint | Simon McVittie | |
2008-12-11 | comments: avoid warning if there's no subject | Simon McVittie | |
2008-12-11 | comments: Optionally allow anonymous commenters to set their name/URL. | Simon McVittie | |
Also provide a way for the comment template to pick up the verified username/IP. | |||
2008-12-11 | comments: Remove some dead code | Simon McVittie | |
2008-12-11 | comments: rename main field to "editcontent" consistent with editpage | Simon McVittie | |
This has the side-effect that Ikiwiki's default style.css gives the text box 100% width. | |||
2008-12-11 | comments: instead of hard-coding mdwn, allow any supported page format | Simon McVittie | |
2008-12-11 | comments: Save comments as a file with one big [[!comment]] directive. | Simon McVittie | |
This delays all comment formatting until the last possible time, allows us to set metadata without worrying that commenters may be able to evade it, and means that changes to how a comment is saved can be handled gracefully. It also gives us somewhere to put the commenter's username or IP address for later reference. | |||
2008-12-11 | Remove dead code for preprocessing [[!comments]] | Simon McVittie | |
2008-12-11 | comments: Duplicate logic and CGI hook from recentchanges to link user pages ↵ | Simon McVittie | |
correctly | |||
2008-12-11 | Qualify name of formattime() correctly | Simon McVittie | |
2008-12-11 | Delay checking for session expiry til we actually post a comment | Simon McVittie | |
2008-12-11 | comments: record the time at which each comment was posted | Simon McVittie | |
2008-12-11 | comments: Use a checkconfig hook to get the default value of comments_pagename | Simon McVittie | |
2008-12-11 | comments: render comments/commenturl in page.tmpl | Simon McVittie | |
2008-12-11 | comments: use global config to decide whether commenting is allowed, and for ↵ | Simon McVittie | |
name of page Also: * decide comment page name sooner * set permalink on it | |||
2008-12-11 | comments: use global configuration for allow_directives, commit, and pagename | Simon McVittie | |
2008-12-11 | comments: Add some global configuration | Simon McVittie | |
2008-12-11 | comments: make preprocess a no-op | Simon McVittie | |
2008-12-11 | comments: document what linkuser does | Simon McVittie | |
2008-12-11 | comments: add a stub pagetemplate hook to show the comments | Simon McVittie | |
2008-12-11 | comments: Use HTML entities to escape directives | Simon McVittie | |
2008-12-11 | Embed comments into comments_embed.tmpl rather than concatenating in perl | Simon McVittie | |
2008-12-11 | comments: use CGI module's checksessionexpiry | Simon McVittie | |
2008-12-11 | comments: remove allowhtml option, just switch it on all the time | Simon McVittie | |
Now that posts are individually sanitized, that should be safe. | |||
2008-12-11 | comments: load inline and mdwn lazily | Simon McVittie | |
2008-12-11 | comments: don't rely on mdwn getting loaded first | Simon McVittie | |
2008-12-11 | comments: sanitize the body of each comment before posting it | Simon McVittie | |
This should ensure that users can't "break out" from the enclosing <div>, making it impossible to forge comments (assuming htmlscrubber is enabled, and so is either htmlbalance or htmltidy). | |||
2008-12-11 | Fix typo that led to comments being blanked | Simon McVittie | |
2008-12-11 | postcomment: Rename plugin to comments, use *._comment files | Simon McVittie | |
The PageSpec is still called "postcomment" since that's what it means. |