summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/editpage.pm
blob: 44fe5514a7cf0017ce3a3f5c1193ed78c2af1108 (plain)
  1. #!/usr/bin/perl
  2. package IkiWiki::Plugin::editpage;
  3. use warnings;
  4. use strict;
  5. use IkiWiki;
  6. use open qw{:utf8 :std};
  7. sub import {
  8. hook(type => "getsetup", id => "editpage", call => \&getsetup);
  9. hook(type => "refresh", id => "editpage", call => \&refresh);
  10. hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
  11. }
  12. sub getsetup () {
  13. return
  14. plugin => {
  15. safe => 1,
  16. rebuild => 1,
  17. section => "core",
  18. },
  19. }
  20. sub refresh () {
  21. if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
  22. # Expire old preview files after one hour.
  23. my $expire=time - (60 * 60);
  24. my @previews;
  25. foreach my $file (@{$wikistate{editpage}{previews}}) {
  26. my $mtime=(stat("$config{destdir}/$file"))[9];
  27. if (defined $mtime && $mtime <= $expire) {
  28. # Avoid deleting a preview that was later saved.
  29. my $delete=1;
  30. foreach my $page (keys %renderedfiles) {
  31. if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
  32. $delete=0;
  33. }
  34. }
  35. if ($delete) {
  36. debug(sprintf(gettext("removing old preview %s"), $file));
  37. IkiWiki::prune("$config{destdir}/$file");
  38. }
  39. }
  40. elsif (defined $mtime) {
  41. push @previews, $file;
  42. }
  43. }
  44. $wikistate{editpage}{previews}=\@previews;
  45. }
  46. }
  47. # Back to ikiwiki namespace for the rest, this code is very much
  48. # internal to ikiwiki even though it's separated into a plugin,
  49. # and other plugins use the function below.
  50. package IkiWiki;
  51. sub cgi_editpage ($$) {
  52. my $q=shift;
  53. my $session=shift;
  54. my $do=$q->param('do');
  55. return unless $do eq 'create' || $do eq 'edit';
  56. decode_cgi_utf8($q);
  57. my @fields=qw(do rcsinfo subpage from page type editcontent comments);
  58. my @buttons=("Save Page", "Preview", "Cancel");
  59. eval q{use CGI::FormBuilder};
  60. error($@) if $@;
  61. my $form = CGI::FormBuilder->new(
  62. fields => \@fields,
  63. charset => "utf-8",
  64. method => 'POST',
  65. required => [qw{editcontent}],
  66. javascript => 0,
  67. params => $q,
  68. action => $config{cgiurl},
  69. header => 0,
  70. table => 0,
  71. template => scalar template_params("editpage.tmpl"),
  72. );
  73. decode_form_utf8($form);
  74. run_hooks(formbuilder_setup => sub {
  75. shift->(form => $form, cgi => $q, session => $session,
  76. buttons => \@buttons);
  77. });
  78. decode_form_utf8($form);
  79. # This untaint is safe because we check file_pruned and
  80. # wiki_file_regexp.
  81. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
  82. $page=possibly_foolish_untaint($page);
  83. my $absolute=($page =~ s#^/+##);
  84. if (! defined $page || ! length $page ||
  85. file_pruned($page, $config{srcdir})) {
  86. error(gettext("bad page name"));
  87. }
  88. my $baseurl = urlto($page, undef, 1);
  89. my $from;
  90. if (defined $form->field('from')) {
  91. ($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
  92. }
  93. my $file;
  94. my $type;
  95. if (exists $pagesources{$page} && $form->field("do") ne "create") {
  96. $file=$pagesources{$page};
  97. $type=pagetype($file);
  98. if (! defined $type || $type=~/^_/) {
  99. error(sprintf(gettext("%s is not an editable page"), $page));
  100. }
  101. if (! $form->submitted) {
  102. $form->field(name => "rcsinfo",
  103. value => rcs_prepedit($file), force => 1);
  104. }
  105. $form->field(name => "editcontent", validate => '/.*/');
  106. }
  107. else {
  108. $type=$form->param('type');
  109. if (defined $type && length $type && $hooks{htmlize}{$type}) {
  110. $type=possibly_foolish_untaint($type);
  111. }
  112. elsif (defined $from && exists $pagesources{$from}) {
  113. # favor the type of linking page
  114. $type=pagetype($pagesources{$from});
  115. }
  116. $type=$config{default_pageext} unless defined $type;
  117. $file=newpagefile($page, $type);
  118. if (! $form->submitted) {
  119. $form->field(name => "rcsinfo", value => "", force => 1);
  120. }
  121. $form->field(name => "editcontent", validate => '/.+/');
  122. }
  123. $form->field(name => "do", type => 'hidden');
  124. $form->field(name => "sid", type => "hidden", value => $session->id,
  125. force => 1);
  126. $form->field(name => "from", type => 'hidden');
  127. $form->field(name => "rcsinfo", type => 'hidden');
  128. $form->field(name => "subpage", type => 'hidden');
  129. $form->field(name => "page", value => $page, force => 1);
  130. $form->field(name => "type", value => $type, force => 1);
  131. $form->field(name => "comments", type => "text", size => 80);
  132. $form->field(name => "editcontent", type => "textarea", rows => 20,
  133. cols => 80);
  134. $form->tmpl_param("can_commit", $config{rcs});
  135. $form->tmpl_param("indexlink", indexlink());
  136. $form->tmpl_param("helponformattinglink",
  137. htmllink($page, $page, "ikiwiki/formatting",
  138. noimageinline => 1,
  139. linktext => "FormattingHelp"));
  140. if ($form->submitted eq "Cancel") {
  141. if ($form->field("do") eq "create" && defined $from) {
  142. redirect($q, urlto($from, undef, 1));
  143. }
  144. elsif ($form->field("do") eq "create") {
  145. redirect($q, $config{url});
  146. }
  147. else {
  148. redirect($q, urlto($page, undef, 1));
  149. }
  150. exit;
  151. }
  152. elsif ($form->submitted eq "Preview") {
  153. my $new=not exists $pagesources{$page};
  154. if ($new) {
  155. # temporarily record its type
  156. $pagesources{$page}=$page.".".$type;
  157. }
  158. my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
  159. my $content=$form->field('editcontent');
  160. run_hooks(editcontent => sub {
  161. $content=shift->(
  162. content => $content,
  163. page => $page,
  164. cgi => $q,
  165. session => $session,
  166. );
  167. });
  168. my $preview=htmlize($page, $page, $type,
  169. linkify($page, $page,
  170. preprocess($page, $page,
  171. filter($page, $page, $content), 0, 1)));
  172. run_hooks(format => sub {
  173. $preview=shift->(
  174. page => $page,
  175. content => $preview,
  176. );
  177. });
  178. $form->tmpl_param("page_preview", $preview);
  179. if ($new) {
  180. delete $pagesources{$page};
  181. }
  182. # Previewing may have created files on disk.
  183. # Keep a list of these to be deleted later.
  184. my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
  185. foreach my $f (@{$renderedfiles{$page}}) {
  186. $previews{$f}=1 unless $wasrendered{$f};
  187. }
  188. @{$wikistate{editpage}{previews}} = keys %previews;
  189. $renderedfiles{$page}=[keys %wasrendered];
  190. saveindex();
  191. }
  192. elsif ($form->submitted eq "Save Page") {
  193. $form->tmpl_param("page_preview", "");
  194. }
  195. if ($form->submitted ne "Save Page" || ! $form->validate) {
  196. if ($form->field("do") eq "create") {
  197. my @page_locs;
  198. my $best_loc;
  199. if (! defined $from || ! length $from ||
  200. $from ne $form->field('from') ||
  201. file_pruned($from, $config{srcdir}) ||
  202. $from=~/^\// ||
  203. $absolute ||
  204. $form->submitted) {
  205. @page_locs=$best_loc=$page;
  206. }
  207. else {
  208. my $dir=$from."/";
  209. $dir=~s![^/]+/+$!!;
  210. if ((defined $form->field('subpage') &&
  211. length $form->field('subpage')) ||
  212. $page eq lc($config{discussionpage})) {
  213. $best_loc="$from/$page";
  214. }
  215. else {
  216. $best_loc=$dir.$page;
  217. }
  218. push @page_locs, $dir.$page;
  219. push @page_locs, "$from/$page";
  220. while (length $dir) {
  221. $dir=~s![^/]+/+$!!;
  222. push @page_locs, $dir.$page;
  223. }
  224. my $userpage=IkiWiki::userpage($page);
  225. push @page_locs, $userpage
  226. if ! grep { $_ eq $userpage } @page_locs;
  227. }
  228. @page_locs = grep {
  229. ! exists $pagecase{lc $_}
  230. } @page_locs;
  231. if (! @page_locs) {
  232. # hmm, someone else made the page in the
  233. # meantime?
  234. if ($form->submitted eq "Preview") {
  235. # let them go ahead with the edit
  236. # and resolve the conflict at save
  237. # time
  238. @page_locs=$page;
  239. }
  240. else {
  241. redirect($q, urlto($page, undef, 1));
  242. exit;
  243. }
  244. }
  245. my @editable_locs = grep {
  246. check_canedit($_, $q, $session, 1)
  247. } @page_locs;
  248. if (! @editable_locs) {
  249. # now let it throw an error, or prompt for
  250. # login
  251. map { check_canedit($_, $q, $session) }
  252. ($best_loc, @page_locs);
  253. }
  254. my @page_types;
  255. if (exists $hooks{htmlize}) {
  256. foreach my $key (grep { !/^_/ } keys %{$hooks{htmlize}}) {
  257. push @page_types, [$key, $hooks{htmlize}{$key}{longname} || $key];
  258. }
  259. }
  260. @page_types=sort @page_types;
  261. $form->tmpl_param("page_select", 1);
  262. $form->field(name => "page", type => 'select',
  263. options => [ map { [ $_, pagetitle($_, 1) ] } @editable_locs ],
  264. value => $best_loc);
  265. $form->field(name => "type", type => 'select',
  266. options => \@page_types);
  267. $form->title(sprintf(gettext("creating %s"), pagetitle($page)));
  268. }
  269. elsif ($form->field("do") eq "edit") {
  270. check_canedit($page, $q, $session);
  271. if (! defined $form->field('editcontent') ||
  272. ! length $form->field('editcontent')) {
  273. my $content="";
  274. if (exists $pagesources{$page}) {
  275. $content=readfile(srcfile($pagesources{$page}));
  276. $content=~s/\n/\r\n/g;
  277. }
  278. $form->field(name => "editcontent", value => $content,
  279. force => 1);
  280. }
  281. $form->tmpl_param("page_select", 0);
  282. $form->field(name => "page", type => 'hidden');
  283. $form->field(name => "type", type => 'hidden');
  284. $form->title(sprintf(gettext("editing %s"), pagetitle($page)));
  285. }
  286. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  287. }
  288. else {
  289. # save page
  290. check_canedit($page, $q, $session);
  291. checksessionexpiry($q, $session, $q->param('sid'));
  292. my $exists=-e "$config{srcdir}/$file";
  293. if ($form->field("do") ne "create" && ! $exists &&
  294. ! defined srcfile($file, 1)) {
  295. $form->tmpl_param("message", template("editpagegone.tmpl")->output);
  296. $form->field(name => "do", value => "create", force => 1);
  297. $form->tmpl_param("page_select", 0);
  298. $form->field(name => "page", type => 'hidden');
  299. $form->field(name => "type", type => 'hidden');
  300. $form->title(sprintf(gettext("editing %s"), $page));
  301. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  302. exit;
  303. }
  304. elsif ($form->field("do") eq "create" && $exists) {
  305. $form->tmpl_param("message", template("editcreationconflict.tmpl")->output);
  306. $form->field(name => "do", value => "edit", force => 1);
  307. $form->tmpl_param("page_select", 0);
  308. $form->field(name => "page", type => 'hidden');
  309. $form->field(name => "type", type => 'hidden');
  310. $form->title(sprintf(gettext("editing %s"), $page));
  311. $form->field("editcontent",
  312. value => readfile("$config{srcdir}/$file").
  313. "\n\n\n".$form->field("editcontent"),
  314. force => 1);
  315. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  316. exit;
  317. }
  318. my $message="";
  319. if (defined $form->field('comments') &&
  320. length $form->field('comments')) {
  321. $message=$form->field('comments');
  322. }
  323. my $content=$form->field('editcontent');
  324. check_content(content => $content, page => $page,
  325. cgi => $q, session => $session,
  326. subject => $message);
  327. run_hooks(editcontent => sub {
  328. $content=shift->(
  329. content => $content,
  330. page => $page,
  331. cgi => $q,
  332. session => $session,
  333. );
  334. });
  335. $content=~s/\r\n/\n/g;
  336. $content=~s/\r/\n/g;
  337. $content.="\n" if $content !~ /\n$/;
  338. $config{cgi}=0; # avoid cgi error message
  339. eval { writefile($file, $config{srcdir}, $content) };
  340. $config{cgi}=1;
  341. if ($@) {
  342. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  343. force => 1);
  344. my $mtemplate=template("editfailedsave.tmpl");
  345. $mtemplate->param(error_message => $@);
  346. $form->tmpl_param("message", $mtemplate->output);
  347. $form->field("editcontent", value => $content, force => 1);
  348. $form->tmpl_param("page_select", 0);
  349. $form->field(name => "page", type => 'hidden');
  350. $form->field(name => "type", type => 'hidden');
  351. $form->title(sprintf(gettext("editing %s"), $page));
  352. showform($form, \@buttons, $session, $q,
  353. forcebaseurl => $baseurl);
  354. exit;
  355. }
  356. my $conflict;
  357. if ($config{rcs}) {
  358. if (! $exists) {
  359. rcs_add($file);
  360. }
  361. # Prevent deadlock with post-commit hook by
  362. # signaling to it that it should not try to
  363. # do anything.
  364. disable_commit_hook();
  365. $conflict=rcs_commit($file, $message,
  366. $form->field("rcsinfo"),
  367. $session->param("name"), $ENV{REMOTE_ADDR});
  368. enable_commit_hook();
  369. rcs_update();
  370. }
  371. # Refresh even if there was a conflict, since other changes
  372. # may have been committed while the post-commit hook was
  373. # disabled.
  374. require IkiWiki::Render;
  375. refresh();
  376. saveindex();
  377. if (defined $conflict) {
  378. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  379. force => 1);
  380. $form->tmpl_param("message", template("editconflict.tmpl")->output);
  381. $form->field("editcontent", value => $conflict, force => 1);
  382. $form->field("do", "edit", force => 1);
  383. $form->tmpl_param("page_select", 0);
  384. $form->field(name => "page", type => 'hidden');
  385. $form->field(name => "type", type => 'hidden');
  386. $form->title(sprintf(gettext("editing %s"), $page));
  387. showform($form, \@buttons, $session, $q,
  388. forcebaseurl => $baseurl);
  389. }
  390. else {
  391. # The trailing question mark tries to avoid broken
  392. # caches and get the most recent version of the page.
  393. redirect($q, urlto($page, undef, 1)."?updated");
  394. }
  395. }
  396. exit;
  397. }
  398. 1