X-Git-Url: https://scripts.mit.edu/gitweb/www/ikiwiki.git/blobdiff_plain/c4be16703fa571e8922b43446b24cf1c4f90a371..81165dd2e079fac822eaefacafaaa612524b3aa6:/IkiWiki/Plugin/editpage.pm

diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 8ab02cabc..9210d6ff8 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -6,19 +6,19 @@ use strict;
 use IkiWiki;
 use open qw{:utf8 :std};
 
-sub import { #{{{
+sub import {
 	hook(type => "getsetup", id => "editpage", call => \&getsetup);
 	hook(type => "refresh", id => "editpage", call => \&refresh);
         hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
-} # }}}
+}
 
-sub getsetup () { #{{{
+sub getsetup () {
 	return
 		plugin => {
 			safe => 1,
 			rebuild => 1,
 		},
-} #}}}
+}
 
 sub refresh () {
 	if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
@@ -54,7 +54,7 @@ sub refresh () {
 # and other plugins use the functions below.
 package IkiWiki;
 
-sub check_canedit ($$$;$) { #{{{
+sub check_canedit ($$$;$) {
 	my $page=shift;
 	my $q=shift;
 	my $session=shift;
@@ -79,9 +79,9 @@ sub check_canedit ($$$;$) { #{{{
 		}
 	});
 	return $canedit;
-} #}}}
+}
 
-sub cgi_editpage ($$) { #{{{
+sub cgi_editpage ($$) {
 	my $q=shift;
 	my $session=shift;
 	
@@ -122,7 +122,7 @@ sub cgi_editpage ($$) { #{{{
 	my $absolute=($page =~ s#^/+##);
 	if (! defined $page || ! length $page ||
 	    file_pruned($page, $config{srcdir})) {
-		error("bad page name");
+		error(gettext("bad page name"));
 	}
 
 	my $baseurl = urlto($page, undef, 1);
@@ -156,7 +156,7 @@ sub cgi_editpage ($$) { #{{{
 			$type=pagetype($pagesources{$from});
 		}
 		$type=$config{default_pageext} unless defined $type;
-		$file=$page.".".$type;
+		$file=newpagefile($page, $type);
 		if (! $form->submitted) {
 			$form->field(name => "rcsinfo", value => "", force => 1);
 		}
@@ -230,8 +230,8 @@ sub cgi_editpage ($$) { #{{{
 		# Previewing may have created files on disk.
 		# Keep a list of these to be deleted later.
 		my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
-		foreach my $file (@{$renderedfiles{$page}}) {
-			$previews{$file}=1 unless $wasrendered{$file};
+		foreach my $f (@{$renderedfiles{$page}}) {
+			$previews{$f}=1 unless $wasrendered{$f};
 		}
 		@{$wikistate{editpage}{previews}} = keys %previews;
 		$renderedfiles{$page}=[keys %wasrendered];
@@ -250,7 +250,7 @@ sub cgi_editpage ($$) { #{{{
 			    file_pruned($from, $config{srcdir}) ||
 			    $from=~/^\// || 
 			    $absolute ||
-			    $form->submitted eq "Preview") {
+			    $form->submitted) {
 				@page_locs=$best_loc=$page;
 			}
 			else {
@@ -340,16 +340,7 @@ sub cgi_editpage ($$) { #{{{
 	else {
 		# save page
 		check_canedit($page, $q, $session);
-	
-		# The session id is stored on the form and checked to
-		# guard against CSRF. But only if the user is logged in,
-		# as anonok can allow anonymous edits.
-		if (defined $session->param("name")) {
-			my $sid=$q->param('sid');
-			if (! defined $sid || $sid ne $session->id) {
-				error(gettext("Your login session has expired."));
-			}
-		}
+		checksessionexpiry($q, $session, $q->param('sid'));
 
 		my $exists=-e "$config{srcdir}/$file";
 
@@ -462,6 +453,6 @@ sub cgi_editpage ($$) { #{{{
 	}
 
 	exit;
-} #}}}
+}
 
 1