aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2010-04-17 19:05:40 -0400
committerJoey Hess <joey@kitenet.net>2010-04-17 19:05:40 -0400
commita97964688b73d0a3237c798dce3fb064ff29ff11 (patch)
tree6a3ca565cd89b6b69b736ccc391b4ec1aba87421 /IkiWiki/Plugin
parente289e0b4ba48d01e24586dbdcaeda367763edd67 (diff)
downloadikiwiki-a97964688b73d0a3237c798dce3fb064ff29ff11.tar
ikiwiki-a97964688b73d0a3237c798dce3fb064ff29ff11.tar.gz
unfinished file_prune revamp
Many calls to file_prune were incorrectly calling it with 2 parameters. In cases where the filename being checked is relative to the srcdir, that is not needed. Made absolute filenames be pruned. (This won't work for the 2 parameter call style.)
Diffstat (limited to 'IkiWiki/Plugin')
-rw-r--r--IkiWiki/Plugin/attachment.pm2
-rw-r--r--IkiWiki/Plugin/comments.pm4
-rw-r--r--IkiWiki/Plugin/editpage.pm4
-rw-r--r--IkiWiki/Plugin/rename.pm5
4 files changed, 7 insertions, 8 deletions
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index ad1dd9bca..8c3ff887a 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -137,7 +137,7 @@ sub formbuilder (@) {
$filename=linkpage(IkiWiki::possibly_foolish_untaint(
attachment_location($form->field('page')).
IkiWiki::basename($filename)));
- if (IkiWiki::file_pruned($filename, $config{srcdir})) {
+ if (IkiWiki::file_pruned($filename)) {
error(gettext("bad attachment filename"));
}
diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 0aa043215..1c219b6c6 100644
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -338,7 +338,7 @@ sub editcomment ($$) {
my $page = $form->field('page');
$page = IkiWiki::possibly_foolish_untaint($page);
if (! defined $page || ! length $page ||
- IkiWiki::file_pruned($page, $config{srcdir})) {
+ IkiWiki::file_pruned($page)) {
error(gettext("bad page name"));
}
@@ -548,7 +548,7 @@ sub commentmoderation ($$) {
# pending comment before untainting.
my ($f)= $id =~ /$config{wiki_file_regexp}/;
if (! defined $f || ! length $f ||
- IkiWiki::file_pruned($f, $config{srcdir})) {
+ IkiWiki::file_pruned($f)) {
error("illegal file");
}
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 44fe5514a..ee1de8eaa 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -94,7 +94,7 @@ sub cgi_editpage ($$) {
$page=possibly_foolish_untaint($page);
my $absolute=($page =~ s#^/+##);
if (! defined $page || ! length $page ||
- file_pruned($page, $config{srcdir})) {
+ file_pruned($page)) {
error(gettext("bad page name"));
}
@@ -220,7 +220,7 @@ sub cgi_editpage ($$) {
my $best_loc;
if (! defined $from || ! length $from ||
$from ne $form->field('from') ||
- file_pruned($from, $config{srcdir}) ||
+ file_pruned($from) ||
$from=~/^\// ||
$absolute ||
$form->submitted) {
diff --git a/IkiWiki/Plugin/rename.pm b/IkiWiki/Plugin/rename.pm
index 1a9da6363..69e615ead 100644
--- a/IkiWiki/Plugin/rename.pm
+++ b/IkiWiki/Plugin/rename.pm
@@ -63,9 +63,8 @@ sub check_canrename ($$$$$$) {
error(gettext("no change to the file name was specified"));
}
- # Must be a legal filename, and not absolute.
- if (IkiWiki::file_pruned($destfile, $config{srcdir}) ||
- $destfile=~/^\//) {
+ # Must be a legal filename.
+ if (IkiWiki::file_pruned($destfile)) {
error(sprintf(gettext("illegal name")));
}