summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/editpage.pm
blob: 467cd9ed5bf54827da0f75d03304918ba8947a71 (plain)
  1. #!/usr/bin/perl
  2. package IkiWiki::Plugin::editpage;
  3. use warnings;
  4. use strict;
  5. use IkiWiki;
  6. use open qw{:utf8 :std};
  7. sub import {
  8. hook(type => "getsetup", id => "editpage", call => \&getsetup);
  9. hook(type => "refresh", id => "editpage", call => \&refresh);
  10. hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
  11. }
  12. sub getsetup () {
  13. return
  14. plugin => {
  15. safe => 1,
  16. rebuild => 1,
  17. },
  18. }
  19. sub refresh () {
  20. if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
  21. # Expire old preview files after one hour.
  22. my $expire=time - (60 * 60);
  23. my @previews;
  24. foreach my $file (@{$wikistate{editpage}{previews}}) {
  25. my $mtime=(stat("$config{destdir}/$file"))[9];
  26. if (defined $mtime && $mtime <= $expire) {
  27. # Avoid deleting a preview that was later saved.
  28. my $delete=1;
  29. foreach my $page (keys %renderedfiles) {
  30. if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
  31. $delete=0;
  32. }
  33. }
  34. if ($delete) {
  35. debug(sprintf(gettext("removing old preview %s"), $file));
  36. IkiWiki::prune("$config{destdir}/$file");
  37. }
  38. }
  39. elsif (defined $mtime) {
  40. push @previews, $file;
  41. }
  42. }
  43. $wikistate{editpage}{previews}=\@previews;
  44. }
  45. }
  46. # Back to ikiwiki namespace for the rest, this code is very much
  47. # internal to ikiwiki even though it's separated into a plugin,
  48. # and other plugins use the function below.
  49. package IkiWiki;
  50. sub cgi_editpage ($$) {
  51. my $q=shift;
  52. my $session=shift;
  53. my $do=$q->param('do');
  54. return unless $do eq 'create' || $do eq 'edit';
  55. decode_cgi_utf8($q);
  56. my @fields=qw(do rcsinfo subpage from page type editcontent comments);
  57. my @buttons=("Save Page", "Preview", "Cancel");
  58. eval q{use CGI::FormBuilder};
  59. error($@) if $@;
  60. my $form = CGI::FormBuilder->new(
  61. fields => \@fields,
  62. charset => "utf-8",
  63. method => 'POST',
  64. required => [qw{editcontent}],
  65. javascript => 0,
  66. params => $q,
  67. action => $config{cgiurl},
  68. header => 0,
  69. table => 0,
  70. template => scalar template_params("editpage.tmpl"),
  71. );
  72. decode_form_utf8($form);
  73. run_hooks(formbuilder_setup => sub {
  74. shift->(form => $form, cgi => $q, session => $session,
  75. buttons => \@buttons);
  76. });
  77. decode_form_utf8($form);
  78. # This untaint is safe because we check file_pruned and
  79. # wiki_file_regexp.
  80. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
  81. $page=possibly_foolish_untaint($page);
  82. my $absolute=($page =~ s#^/+##);
  83. if (! defined $page || ! length $page ||
  84. file_pruned($page, $config{srcdir})) {
  85. error(gettext("bad page name"));
  86. }
  87. my $baseurl = urlto($page, undef, 1);
  88. my $from;
  89. if (defined $form->field('from')) {
  90. ($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
  91. }
  92. my $file;
  93. my $type;
  94. if (exists $pagesources{$page} && $form->field("do") ne "create") {
  95. $file=$pagesources{$page};
  96. $type=pagetype($file);
  97. if (! defined $type || $type=~/^_/) {
  98. error(sprintf(gettext("%s is not an editable page"), $page));
  99. }
  100. if (! $form->submitted) {
  101. $form->field(name => "rcsinfo",
  102. value => rcs_prepedit($file), force => 1);
  103. }
  104. $form->field(name => "editcontent", validate => '/.*/');
  105. }
  106. else {
  107. $type=$form->param('type');
  108. if (defined $type && length $type && $hooks{htmlize}{$type}) {
  109. $type=possibly_foolish_untaint($type);
  110. }
  111. elsif (defined $from && exists $pagesources{$from}) {
  112. # favor the type of linking page
  113. $type=pagetype($pagesources{$from});
  114. }
  115. $type=$config{default_pageext} unless defined $type;
  116. $file=newpagefile($page, $type);
  117. if (! $form->submitted) {
  118. $form->field(name => "rcsinfo", value => "", force => 1);
  119. }
  120. $form->field(name => "editcontent", validate => '/.+/');
  121. }
  122. $form->field(name => "do", type => 'hidden');
  123. $form->field(name => "sid", type => "hidden", value => $session->id,
  124. force => 1);
  125. $form->field(name => "from", type => 'hidden');
  126. $form->field(name => "rcsinfo", type => 'hidden');
  127. $form->field(name => "subpage", type => 'hidden');
  128. $form->field(name => "page", value => $page, force => 1);
  129. $form->field(name => "type", value => $type, force => 1);
  130. $form->field(name => "comments", type => "text", size => 80);
  131. $form->field(name => "editcontent", type => "textarea", rows => 20,
  132. cols => 80);
  133. $form->tmpl_param("can_commit", $config{rcs});
  134. $form->tmpl_param("indexlink", indexlink());
  135. $form->tmpl_param("helponformattinglink",
  136. htmllink($page, $page, "ikiwiki/formatting",
  137. noimageinline => 1,
  138. linktext => "FormattingHelp"));
  139. if ($form->submitted eq "Cancel") {
  140. if ($form->field("do") eq "create" && defined $from) {
  141. redirect($q, urlto($from, undef, 1));
  142. }
  143. elsif ($form->field("do") eq "create") {
  144. redirect($q, $config{url});
  145. }
  146. else {
  147. redirect($q, urlto($page, undef, 1));
  148. }
  149. exit;
  150. }
  151. elsif ($form->submitted eq "Preview") {
  152. my $new=not exists $pagesources{$page};
  153. if ($new) {
  154. # temporarily record its type
  155. $pagesources{$page}=$page.".".$type;
  156. }
  157. my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
  158. my $content=$form->field('editcontent');
  159. run_hooks(editcontent => sub {
  160. $content=shift->(
  161. content => $content,
  162. page => $page,
  163. cgi => $q,
  164. session => $session,
  165. );
  166. });
  167. my $preview=htmlize($page, $page, $type,
  168. linkify($page, $page,
  169. preprocess($page, $page,
  170. filter($page, $page, $content), 0, 1)));
  171. run_hooks(format => sub {
  172. $preview=shift->(
  173. page => $page,
  174. content => $preview,
  175. );
  176. });
  177. $form->tmpl_param("page_preview", $preview);
  178. if ($new) {
  179. delete $pagesources{$page};
  180. }
  181. # Previewing may have created files on disk.
  182. # Keep a list of these to be deleted later.
  183. my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
  184. foreach my $f (@{$renderedfiles{$page}}) {
  185. $previews{$f}=1 unless $wasrendered{$f};
  186. }
  187. @{$wikistate{editpage}{previews}} = keys %previews;
  188. $renderedfiles{$page}=[keys %wasrendered];
  189. saveindex();
  190. }
  191. elsif ($form->submitted eq "Save Page") {
  192. $form->tmpl_param("page_preview", "");
  193. }
  194. if ($form->submitted ne "Save Page" || ! $form->validate) {
  195. if ($form->field("do") eq "create") {
  196. my @page_locs;
  197. my $best_loc;
  198. if (! defined $from || ! length $from ||
  199. $from ne $form->field('from') ||
  200. file_pruned($from, $config{srcdir}) ||
  201. $from=~/^\// ||
  202. $absolute ||
  203. $form->submitted) {
  204. @page_locs=$best_loc=$page;
  205. }
  206. else {
  207. my $dir=$from."/";
  208. $dir=~s![^/]+/+$!!;
  209. if ((defined $form->field('subpage') && length $form->field('subpage')) ||
  210. $page eq lc(gettext('Discussion'))) {
  211. $best_loc="$from/$page";
  212. }
  213. else {
  214. $best_loc=$dir.$page;
  215. }
  216. push @page_locs, $dir.$page;
  217. push @page_locs, "$from/$page";
  218. while (length $dir) {
  219. $dir=~s![^/]+/+$!!;
  220. push @page_locs, $dir.$page;
  221. }
  222. push @page_locs, "$config{userdir}/$page"
  223. if length $config{userdir};
  224. }
  225. @page_locs = grep {
  226. ! exists $pagecase{lc $_}
  227. } @page_locs;
  228. if (! @page_locs) {
  229. # hmm, someone else made the page in the
  230. # meantime?
  231. if ($form->submitted eq "Preview") {
  232. # let them go ahead with the edit
  233. # and resolve the conflict at save
  234. # time
  235. @page_locs=$page;
  236. }
  237. else {
  238. redirect($q, urlto($page, undef, 1));
  239. exit;
  240. }
  241. }
  242. my @editable_locs = grep {
  243. check_canedit($_, $q, $session, 1)
  244. } @page_locs;
  245. if (! @editable_locs) {
  246. # let it throw an error this time
  247. map { check_canedit($_, $q, $session) } @page_locs;
  248. }
  249. my @page_types;
  250. if (exists $hooks{htmlize}) {
  251. foreach my $key (grep { !/^_/ } keys %{$hooks{htmlize}}) {
  252. push @page_types, [$key, $hooks{htmlize}{$key}{longname} || $key];
  253. }
  254. }
  255. @page_types=sort @page_types;
  256. $form->tmpl_param("page_select", 1);
  257. $form->field(name => "page", type => 'select',
  258. options => [ map { [ $_, pagetitle($_, 1) ] } @editable_locs ],
  259. value => $best_loc);
  260. $form->field(name => "type", type => 'select',
  261. options => \@page_types);
  262. $form->title(sprintf(gettext("creating %s"), pagetitle($page)));
  263. }
  264. elsif ($form->field("do") eq "edit") {
  265. check_canedit($page, $q, $session);
  266. if (! defined $form->field('editcontent') ||
  267. ! length $form->field('editcontent')) {
  268. my $content="";
  269. if (exists $pagesources{$page}) {
  270. $content=readfile(srcfile($pagesources{$page}));
  271. $content=~s/\n/\r\n/g;
  272. }
  273. $form->field(name => "editcontent", value => $content,
  274. force => 1);
  275. }
  276. $form->tmpl_param("page_select", 0);
  277. $form->field(name => "page", type => 'hidden');
  278. $form->field(name => "type", type => 'hidden');
  279. $form->title(sprintf(gettext("editing %s"), pagetitle($page)));
  280. }
  281. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  282. }
  283. else {
  284. # save page
  285. check_canedit($page, $q, $session);
  286. checksessionexpiry($q, $session, $q->param('sid'));
  287. my $exists=-e "$config{srcdir}/$file";
  288. if ($form->field("do") ne "create" && ! $exists &&
  289. ! defined srcfile($file, 1)) {
  290. $form->tmpl_param("message", template("editpagegone.tmpl")->output);
  291. $form->field(name => "do", value => "create", force => 1);
  292. $form->tmpl_param("page_select", 0);
  293. $form->field(name => "page", type => 'hidden');
  294. $form->field(name => "type", type => 'hidden');
  295. $form->title(sprintf(gettext("editing %s"), $page));
  296. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  297. exit;
  298. }
  299. elsif ($form->field("do") eq "create" && $exists) {
  300. $form->tmpl_param("message", template("editcreationconflict.tmpl")->output);
  301. $form->field(name => "do", value => "edit", force => 1);
  302. $form->tmpl_param("page_select", 0);
  303. $form->field(name => "page", type => 'hidden');
  304. $form->field(name => "type", type => 'hidden');
  305. $form->title(sprintf(gettext("editing %s"), $page));
  306. $form->field("editcontent",
  307. value => readfile("$config{srcdir}/$file").
  308. "\n\n\n".$form->field("editcontent"),
  309. force => 1);
  310. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  311. exit;
  312. }
  313. my $message="";
  314. if (defined $form->field('comments') &&
  315. length $form->field('comments')) {
  316. $message=$form->field('comments');
  317. }
  318. my $content=$form->field('editcontent');
  319. check_content(content => $content, page => $page,
  320. cgi => $q, session => $session,
  321. subject => $message);
  322. run_hooks(editcontent => sub {
  323. $content=shift->(
  324. content => $content,
  325. page => $page,
  326. cgi => $q,
  327. session => $session,
  328. );
  329. });
  330. $content=~s/\r\n/\n/g;
  331. $content=~s/\r/\n/g;
  332. $content.="\n" if $content !~ /\n$/;
  333. $config{cgi}=0; # avoid cgi error message
  334. eval { writefile($file, $config{srcdir}, $content) };
  335. $config{cgi}=1;
  336. if ($@) {
  337. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  338. force => 1);
  339. my $mtemplate=template("editfailedsave.tmpl");
  340. $mtemplate->param(error_message => $@);
  341. $form->tmpl_param("message", $mtemplate->output);
  342. $form->field("editcontent", value => $content, force => 1);
  343. $form->tmpl_param("page_select", 0);
  344. $form->field(name => "page", type => 'hidden');
  345. $form->field(name => "type", type => 'hidden');
  346. $form->title(sprintf(gettext("editing %s"), $page));
  347. showform($form, \@buttons, $session, $q,
  348. forcebaseurl => $baseurl);
  349. exit;
  350. }
  351. my $conflict;
  352. if ($config{rcs}) {
  353. if (! $exists) {
  354. rcs_add($file);
  355. }
  356. # Prevent deadlock with post-commit hook by
  357. # signaling to it that it should not try to
  358. # do anything.
  359. disable_commit_hook();
  360. $conflict=rcs_commit($file, $message,
  361. $form->field("rcsinfo"),
  362. $session->param("name"), $ENV{REMOTE_ADDR});
  363. enable_commit_hook();
  364. rcs_update();
  365. }
  366. # Refresh even if there was a conflict, since other changes
  367. # may have been committed while the post-commit hook was
  368. # disabled.
  369. require IkiWiki::Render;
  370. refresh();
  371. saveindex();
  372. if (defined $conflict) {
  373. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  374. force => 1);
  375. $form->tmpl_param("message", template("editconflict.tmpl")->output);
  376. $form->field("editcontent", value => $conflict, force => 1);
  377. $form->field("do", "edit", force => 1);
  378. $form->tmpl_param("page_select", 0);
  379. $form->field(name => "page", type => 'hidden');
  380. $form->field(name => "type", type => 'hidden');
  381. $form->title(sprintf(gettext("editing %s"), $page));
  382. showform($form, \@buttons, $session, $q,
  383. forcebaseurl => $baseurl);
  384. }
  385. else {
  386. # The trailing question mark tries to avoid broken
  387. # caches and get the most recent version of the page.
  388. redirect($q, urlto($page, undef, 1)."?updated");
  389. }
  390. }
  391. exit;
  392. }
  393. 1