From 05124f9a86dadca50c693d57f8fc8398fb5d8be9 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kodama.kitenet.net>
Date: Sun, 6 Jul 2008 15:52:04 -0400
Subject: editpage escaping fixes

* The editpage form now uses the raw page name, not the page title, in its
  'page' cgi parameter. Using the title was ambiguous and made it
  impossible to tell between some pages, like "foo/bar" and "foo__47__bar",
  sometimes causing the wrong page to be edited.
* This change means that some edit links need to be updated.
  Force a rebuild on upgrade to this version.
* Above change also allowed really fixing escaped slashes from the blogpost
  form.
---
 IkiWiki/Plugin/editdiff.pm | 2 +-
 IkiWiki/Plugin/inline.pm   | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'IkiWiki/Plugin')

diff --git a/IkiWiki/Plugin/editdiff.pm b/IkiWiki/Plugin/editdiff.pm
index b8ecaa3d7..d45c73e8f 100644
--- a/IkiWiki/Plugin/editdiff.pm
+++ b/IkiWiki/Plugin/editdiff.pm
@@ -50,7 +50,7 @@ sub formbuilder_setup { #{{{
 
 	return if $form->field("do") ne "edit";
 
-	$page = IkiWiki::titlepage(IkiWiki::possibly_foolish_untaint($page));
+	$page = IkiWiki::possibly_foolish_untaint($page);
 	return unless exists $pagesources{$page};
 
 	push @{$params{buttons}}, "Diff";
diff --git a/IkiWiki/Plugin/inline.pm b/IkiWiki/Plugin/inline.pm
index 344620ebe..8890e5ed0 100644
--- a/IkiWiki/Plugin/inline.pm
+++ b/IkiWiki/Plugin/inline.pm
@@ -70,12 +70,12 @@ sub sessioncgi () { #{{{
 	my $session=shift;
 
 	if ($q->param('do') eq 'blog') {
-		my $page=decode_utf8($q->param('title'));
-		$page=~s/\///g; # no slashes in blog posts
+		my $page=IkiWiki::titlepage(decode_utf8($q->param('title')));
+		$page=~s/(\/)/"__".ord($1)."__"/eg; # don't create subdirs
 		# if the page already exists, munge it to be unique
 		my $from=$q->param('from');
 		my $add="";
-		while (exists $IkiWiki::pagecase{lc($from."/".IkiWiki::titlepage($page).$add)}) {
+		while (exists $IkiWiki::pagecase{lc($from."/".$page.$add)}) {
 			$add=1 unless length $add;
 			$add++;
 		}
@@ -278,7 +278,7 @@ sub preprocess_inline (@) { #{{{
 					}
 					if (length $config{cgiurl} && defined $type) {
 						$template->param(have_actions => 1);
-						$template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
+						$template->param(editurl => cgiurl(do => "edit", page => $page));
 					}
 				}
 	
-- 
cgit v1.2.3