}
if (defined $params{subject}) {
- $pagestate{$page}{meta}{title} = $params{subject};
+ # decode title the same way meta does
+ eval q{use HTML::Entities};
+ $pagestate{$page}{meta}{title} = decode_entities($params{subject});
}
if ($params{page} =~ m/\/\Q$config{comments_pagename}\E\d+_/) {
my $page = $form->field('page');
$page = IkiWiki::possibly_foolish_untaint($page);
if (! defined $page || ! length $page ||
- IkiWiki::file_pruned($page, $config{srcdir})) {
+ IkiWiki::file_pruned($page)) {
error(gettext("bad page name"));
}
# pending comment before untainting.
my ($f)= $id =~ /$config{wiki_file_regexp}/;
if (! defined $f || ! length $f ||
- IkiWiki::file_pruned($f, $config{srcdir})) {
+ IkiWiki::file_pruned($f)) {
error("illegal file");
}
find({
no_chdir => 1,
wanted => sub {
- $_=decode_utf8($_);
- if (IkiWiki::file_pruned($_, $dir)) {
+ my $file=decode_utf8($_);
+ $file=~s/^\Q$dir\E\/?//;
+ return unless length $file;
+ if (IkiWiki::file_pruned($_)) {
$File::Find::prune=1;
}
elsif (! -l $_ && ! -d _) {
- $File::Find::prune=0;
- my ($f)=/$config{wiki_file_regexp}/; # untaint
+ my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
if (defined $f && $f =~ /\Q._comment\E$/) {
- my $ctime=(stat($f))[10];
- $f=~s/^\Q$dir\E\/?//;
+ my $ctime=(stat($_))[10];
push @ret, [$f, $ctime];
}
}
eval q{use Digest::MD5 'md5_hex'};
error($@) if $@;
- return "comment-".md5_hex(Encode::encode_utf8(($page));
+ return "comment-".md5_hex(Encode::encode_utf8(($page)));
}
package IkiWiki::PageSpec;
scripts.mit.edu / www / ikiwiki.git / blobdiff