summaryrefslogtreecommitdiff
path: root/po/ikiwiki.pot
AgeCommit message (Collapse)Author
2008-06-04more search improvementsJoey Hess
2008-05-30updated French translationJoey Hess
2008-05-30hashed password support, and empty password security fixJoey Hess
This implements the previously documented hashed password support. While implementing that, I noticed a security hole, which this commit also fixes..
2008-05-25releasing version 2.47Joey Hess
2008-05-12releasing version 2.46Joey Hess
2008-05-06pinger/pingee now tested and workingJoey Hess
2008-05-05aggregate: Add support for web-based triggering of aggregation for people ↵Joey Hess
stuck on shared hosting without cron. (Sheesh.) Enabled via the `aggregate_webtrigger` configuration optiom.
2008-05-05releasing version 2.45Joey Hess
2008-05-05enhancesments for shared hostingJoey Hess
* Add a Bundle::Ikiwiki to the source for use with CPAN to install *all* the modules ikiwiki can use. * Add a cpan directory containing a CPAN::MyConfig that can ease use of CPAN to install in a home directory on shared hosting providers. * With these changes, it's pretty easy to install onto nearlyfreespeech.net and probably other shared hosting providers like dreamhost. Added a tip page documentng the process for nearlyfreespeech.
2008-05-02Fix ugly display when editing a page that has vanished.Joey Hess
srcfile now has an optional second parameter to avoid it throwing an error if the source file does not exist.
2008-04-24releasing version 2.44Joey Hess
2008-04-16releasing version 2.43Joey Hess
2008-04-10Fix CSRF attacks against the preferences and edit forms. Closes: #475445Joey Hess
The fix involved embedding the session id in the forms, and not allowing the forms to be submitted if the embedded id does not match the session id. In the case of the preferences form, if the session id is not embedded, then the CGI parameters are cleared. This avoids a secondary attack where the link to the preferences form prefills password or other fields, and the user hits "submit" without noticing these prefilled values. In the case of the editpage form, the anonok plugin can allow anyone to edit, and so I chose not to guard against CSRF attacks against users who are not logged in. Otherwise, it also embeds the session id and checks it. For page editing, I assume that the user will notice if content or commit message is changed because of CGI parameters, and won't blndly hit save page. So I didn't block those CGI paramters. (It's even possible to use those CGI parameters, for good, not for evil, I guess..) The only other CSRF attack I can think of in ikiwiki involves the poll plugin. It's certianly possible to set up a link that causes the user to unknowingly vote in a poll. However, the poll plugin is not intended to be used for things that people would want to attack, since anyone can after all edit the poll page and fill in any values they like. So this "attack" is ignorable.
2008-03-29Added a hardlink option in the setup file, useful if the source and dest are ↵Joey Hess
on the same filesystem and the wiki includes large media files, which would normally be copied, wasting time and space.
2008-03-12truncate recentchangesdiffs after 200 linesJoey Hess
This works around a perl crasher bug, and also avoids bloating pages with enormous diffs. rcs_recentchanges modified to return a list in an array context.
2008-03-12* Use forcebaseurl to make page previews be displayed with the html baseJoey Hess
set to the destination page. This avoids need for hacks to munge the urls in preview mode, which fixes several bugs. * Several destpage fixes in plugins.
2008-03-03responseJoey Hess
2008-03-03* Add recentchangesdiff plugin that adds diffs to the recentchanges feeds.Joey Hess
* rcs_diff is a new function that rcs modules should implement. * Implemented rcs_diff for git, svn, and tla (tla version untested). Mercurial and monotone still todo.
2008-02-24Fix links generated by preprocessor directives when previewing.Joey Hess
As was already done for linkfication, links generated in a prevew page are relative to the top of the wiki, so it has to be told that the destpage is there. I was using "" to indicate this, but that may confuse some preprocessor plugins, which treat parameters with an empry value specially (sparkline is one such). Instead, use "/", which is more accurate anyway and works just as well.
2008-02-24* Disable taint checking for all builds as people keep complaining about it,Joey Hess
and since all versions of perl seem to be hopelessly broken.
2008-02-11* camelcase: Convert to use new linkify and scan hooks rather than the oldJoey Hess
hack.
2008-02-11* Add the linkify and scan hooks. These hooks can be used to implementJoey Hess
custom, first-class types of wikilinks. * Move standard wikilink implementation to a new wikilink plugin, which will of course be enabled by default.
2008-02-10releasing version 2.31Joey Hess
2008-02-03implement aggregate_locking designJoey Hess
Now aggregation will not lock the wiki. Any changes made during aggregaton are merged in with the changed state accumulated while aggregating. A separate lock file prevents multiple concurrent aggregators. Garbage collection of orphaned guids is much improved. loadstate() is only called once per process, so tricky support for reloading wiki state is not needed. (Tested fairly thuroughly.)
2008-02-03update po filesJoey Hess
2008-01-29announce no more mail notifications on this wikiJoey Hess
2008-01-29merged the recentchanges branchJoey Hess
misc fixes
2008-01-29* meta: Add pagespec functions to match against title, author, authorurl,Joey Hess
license, and copyright. This can be used to create custom RecentChanges. * meta: To support the pagespec functions, metadata about pages has to be retained as pagestate. * Fix encoding bug when pagestate values contained spaces.
2008-01-29added configuration for recentchangesJoey Hess
I kept it to a simple global configuration, rather than using the preprocessor directive for recentchanges, because that had chicken and egg problems and seemed overcomplicated. This should work reasonably well, though it would be good to add some more metadata so that more customised recentchanges pages can be made.
2008-01-29add code to delete old change pagesJoey Hess
2008-01-29typoJoey Hess
2008-01-10releasing version 2.20Joey Hess
2008-01-09In preferences, allow the subscriptions and email fields to be clearedJoey Hess
2008-01-09* mdwn: When htmlizing text, if it's a single line with no newline,Joey Hess
remove the enclosing paragraph and newline markdown wraps it in. This allows removing several hacks around this markdown behavior from other plugins that htmlize fragements of pages.
2008-01-09* template: Remove bogus htmlize pass added in 2.16.Joey Hess
* template: Htmlize template variables, but also provide a raw version via `<TMPL_VAR raw_variable>`.
2008-01-09update poJoey Hess
2008-01-07* Improved the canedit hook interface, allowing a callback function to beJoey Hess
returned (and not run in some cases) rather than the plugins directly forcing a user to log in. * opendiscussion: allow editing of the toplevel discussion page, and, indirectly, allow creating new discussion pages.
2008-01-05releasing version 2.18Joey Hess
2008-01-02round days old messageJoey Hess
2007-12-30releasing version 2.17Joey Hess
2007-12-30* aggregate: Fix stupid mistake introduced when converting it to useJoey Hess
the needsbuild hook. This resulted in feeds not being removed when pages were updated, and probably other bugs. * aggregate: Avoid uninitialised value warning when removing a feed that has an expired guid.
2007-12-28* img: Allow the link parameter to point to an exterior url.Joey Hess
2007-12-18releasing version 2.16Joey Hess
2007-12-17further improve the .. regexpJoey Hess
2007-12-17* Don't refuse to render files with ".." in their name. (Anchor the regexp.)Joey Hess
2007-12-16* Re-organise dependencies and recommends now that recommends are installedJoey Hess
by default.
2007-12-16* git: Correct display of multiline commit messages in recentchanges.Joey Hess
2007-12-16* brokenlinks: Don't list the same link multiple times. (%links mightJoey Hess
contain multiple copies of the same link)
2007-12-16* meta: Drop support for "meta link", since supporting this for internalJoey Hess
links required meta to be run during scan, which complicated its data storage, since it had to clear data stored during the scan pass to avoid duplicating it during the normal preprocessing pass. * If you used "meta link", you should switch to either "meta openid" (for openid delegations), or tags (for internal, invisible links). I assume that nobody really used "meta link" for external, non-openid links, since the htmlscrubber ate those. (Tell me differently and I'll consider bringing back that support.) * meta: Improved data storage. * meta: Drop the hackish filter hook that was used to clear stored data before preprocessing, this hack was ugly, and broken (cf: liw's disappearing openids). * aggregate: Convert filter hook to a needsbuild hook.
2007-12-12* shortcut: Expand %S to the raw input text, not url-encoded.Joey Hess