summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/comments.pm
AgeCommit message (Collapse)Author
2008-12-12remove fixmeJoey Hess
sessioncgi hooks are always called with the wiki locked
2008-12-12fix redefinition of $authorJoey Hess
2008-12-12move related code togetherJoey Hess
2008-12-12whitespaceJoey Hess
2008-12-12don't explicitly use inlineJoey Hess
loadplugin("inline") should take care of that
2008-12-12avoid unnecessary variableJoey Hess
2008-12-12get rid of the [postcomment] hackJoey Hess
I think that using a flag variable is sorta cleaner. (This is untested.)
2008-12-12move getsetup to usual placeJoey Hess
2008-12-12comments: Store dates in GMT and in ISO-8601Simon McVittie
The [[!_comment]] directive is a serialization format, not something for presentation to users, so we should use the least ambiguous possible representation.
2008-12-11comments: Change internal-use-only directive from [[!comment]] to [[!_comment]]Simon McVittie
2008-12-11comments: Use new feedfile, emptyfeeds options to inlineSimon McVittie
2008-12-11comments: don't interpolate IP into anonymous user's "name"Simon McVittie
If an admin wants the IP in the comment display template they can still get it (the default template shows it).
2008-12-11comments: fix invocation of possibly_foolish_untaintSimon McVittie
2008-12-11comments: avoid warning if there's no subjectSimon McVittie
2008-12-11comments: Optionally allow anonymous commenters to set their name/URL.Simon McVittie
Also provide a way for the comment template to pick up the verified username/IP.
2008-12-11comments: Remove some dead codeSimon McVittie
2008-12-11comments: rename main field to "editcontent" consistent with editpageSimon McVittie
This has the side-effect that Ikiwiki's default style.css gives the text box 100% width.
2008-12-11comments: instead of hard-coding mdwn, allow any supported page formatSimon McVittie
2008-12-11comments: Save comments as a file with one big [[!comment]] directive.Simon McVittie
This delays all comment formatting until the last possible time, allows us to set metadata without worrying that commenters may be able to evade it, and means that changes to how a comment is saved can be handled gracefully. It also gives us somewhere to put the commenter's username or IP address for later reference.
2008-12-11Remove dead code for preprocessing [[!comments]]Simon McVittie
2008-12-11comments: Duplicate logic and CGI hook from recentchanges to link user pages ↵Simon McVittie
correctly
2008-12-11Qualify name of formattime() correctlySimon McVittie
2008-12-11Delay checking for session expiry til we actually post a commentSimon McVittie
2008-12-11comments: record the time at which each comment was postedSimon McVittie
2008-12-11comments: Use a checkconfig hook to get the default value of comments_pagenameSimon McVittie
2008-12-11comments: render comments/commenturl in page.tmplSimon McVittie
2008-12-11comments: use global config to decide whether commenting is allowed, and for ↵Simon McVittie
name of page Also: * decide comment page name sooner * set permalink on it
2008-12-11comments: use global configuration for allow_directives, commit, and pagenameSimon McVittie
2008-12-11comments: Add some global configurationSimon McVittie
2008-12-11comments: make preprocess a no-opSimon McVittie
2008-12-11comments: document what linkuser doesSimon McVittie
2008-12-11comments: add a stub pagetemplate hook to show the commentsSimon McVittie
2008-12-11comments: Use HTML entities to escape directivesSimon McVittie
2008-12-11Embed comments into comments_embed.tmpl rather than concatenating in perlSimon McVittie
2008-12-11comments: use CGI module's checksessionexpirySimon McVittie
2008-12-11comments: remove allowhtml option, just switch it on all the timeSimon McVittie
Now that posts are individually sanitized, that should be safe.
2008-12-11comments: load inline and mdwn lazilySimon McVittie
2008-12-11comments: don't rely on mdwn getting loaded firstSimon McVittie
2008-12-11comments: sanitize the body of each comment before posting itSimon McVittie
This should ensure that users can't "break out" from the enclosing <div>, making it impossible to forge comments (assuming htmlscrubber is enabled, and so is either htmlbalance or htmltidy).
2008-12-11Fix typo that led to comments being blankedSimon McVittie
2008-12-11postcomment: Rename plugin to comments, use *._comment filesSimon McVittie
The PageSpec is still called "postcomment" since that's what it means.