aboutsummaryrefslogtreecommitdiff
path: root/templates/editpage.tmpl
Commit message (Collapse)AuthorAge
* forgot to add wmd tag hereJoey Hess2009-03-07
|
* Split out error messages from editpage.tmpl into several separate templates.Joey Hess2008-07-22
|
* skeleton rename pluginJoey Hess2008-07-21
|
* simplified confirmation formJoey Hess2008-07-21
| | | | also, there's no titlepage conversion issues
* editpage: Don't show attachments link when attachments are disabled.Joey Hess2008-07-21
|
* add br at topJoey Hess2008-07-06
| | | | | | | firefox 3 smooshed the page location dropdown up to the page title, obscuring descenders and underscores. Maybe that's a bug, since the CSS didn't ask it to, but I think adding the extra space of a br at the top looks better anyway.
* toggle: Add javascript to top of page, not to end. This avoids flicker since ↵Joey Hess2008-07-02
| | | | closed toggles will not be displayed as the page is loading.
* xhtml fixesJoey Hess2008-07-02
|
* attachments interface visibility togglingJoey Hess2008-07-02
|
* basic attachment listJoey Hess2008-07-01
|
* add support for an attachment upload fieldJoey Hess2008-06-30
| | | | | | FormBuilder makes it annoyingly hard to move a submit button to a nonstandard place. The button name has to be "_submit" or FormBuilder will ignore it.
* Fix CSRF attacks against the preferences and edit forms. Closes: #475445Joey Hess2008-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | The fix involved embedding the session id in the forms, and not allowing the forms to be submitted if the embedded id does not match the session id. In the case of the preferences form, if the session id is not embedded, then the CGI parameters are cleared. This avoids a secondary attack where the link to the preferences form prefills password or other fields, and the user hits "submit" without noticing these prefilled values. In the case of the editpage form, the anonok plugin can allow anyone to edit, and so I chose not to guard against CSRF attacks against users who are not logged in. Otherwise, it also embeds the session id and checks it. For page editing, I assume that the user will notice if content or commit message is changed because of CGI parameters, and won't blndly hit save page. So I didn't block those CGI paramters. (It's even possible to use those CGI parameters, for good, not for evil, I guess..) The only other CSRF attack I can think of in ikiwiki involves the poll plugin. It's certianly possible to set up a link that causes the user to unknowingly vote in a poll. However, the poll plugin is not intended to be used for things that people would want to attack, since anyone can after all edit the poll page and fill in any values they like. So this "attack" is ignorable.
* * Applied Jeremie Koenig's pluggable editpage buttons patch:joey2007-08-17
| | | | | | | | | | | | - add a title to the editpage form; - pass a reference to the list of buttons to the formbuilder_setup hooks, so we can add ours; - relax asumption about the possible submit values (use "Save Page" explicitly); - de-hardcode the submit buttons from the editpage template (This was needed for compatability with a bug in CGI::FormBuilder 3.0401, but ikiwiki already needs a newer version.) * Pass buttons to all other formbuilder_setup hooks too.
* * Wrap the editpage template in the standard misctemplate, this allows thejoey2007-07-16
| | | | | pagetemplate hook to work for that page. * Above change fixes the favicon plugin to work on edit pages.
* * Make all templates have a footer div to ease themeing. Required templatejoey2007-05-11
| | | | | | | | and style sheet updates, and unless you're using customised versions, you'll want to rebuild wikis on upgrade to this version to avoid inconsistencies. * Allow WIKINAME to to used in footers, as an example of something to put there.
* wordingjoey2007-03-17
|
* * Detect the case of two people independently creating the same page at thejoey2007-03-17
| | | | same time, and let the second person resolve the conflict.
* * Patch from Ethan to improve behavior if a page is deleted or moved whilejoey2007-02-24
| | | | | | someone is editing it. * Some cleanup of field setting in the failed edit and conflict handling code.
* * Many changes to make ikiwiki very resistant to write failuresjoey2007-02-15
| | | | | | | | including out of disk space situations. ikiwiki should never leave truncated files, and if the error occurs during a web-based file edit, the user will be given an opportunity to retry. Inspired by the many ways Moin Moin destroys itself when out of disk. :-) * Fix syslogging of errors.
* typosjoey2006-11-15
|
* * Work around a strange bug in CGI::FormBuilder 3.0401 that makesjoey2006-11-10
| | | | | | FORM-SUBMIT unusable on customised formbuilder templates. For now, hardcode the submit buttons in editpage.tmpl instead of using the template variable, which is ok, since the buttons are static.
* fix mime typejoey2006-09-17
|
* * Updated ikiwiki.svgz from Recai, includes an icon and is used to generatejoey2006-09-16
| | | | a multi-resolution favicon.ico.
* * pagetemplate hooks are now also called when generating cgi pages.joey2006-09-16
| | | | | * Add a favicon plugin, which simply adds a link tag for an icon to each page (and cgis).
* * Make all pages pull in a local.css style sheet, if present. This won'tjoey2006-08-24
| | | | | be included in ikiwiki, but can be created to make local styling changes w/o needing to merge in every new change to the distributed style.css.
* * Fixed a bug with previews of subpages having broken links to top-leveljoey2006-08-21
| | | | | | | | pages. * Change how the stylesheet url is determined in the templates: Remove STYLEURL and add BASEURL to all templates (some already had it). This new more general variable can be used to link to other things (eg, images) from the template, as well as stylesheets.
* * Patch from Recai to allow selection of page type when creating a new page.joey2006-07-26
| | | | | Default page type is inherited from the link clicked on to create the new page.
* so make sure to let perl know it should be handled as utf8. Also,joey2006-07-02
| | | | | * Improve layout of edit page so formatting help link is always visible w/o getting in the way of the preview.
* * Add -refresh option to ikiwiki-mass-rebuild and use that on upgrades thatjoey2006-05-27
| | | | do not need a full rebuild, in order to update any basewiki pages.
* header can appear more than one time, so is a class, not an idjoey2006-05-26
|
* * The page name and parent links has switched from using a <h1> to a styledjoey2006-05-26
| | | | | | | | | | <span>, so pages can use <h1> internally instead of needing to use <h2>. * Updated all of ikiwiki's own wiki pages for that. * Add pagetemplate hook, which can be used by plugins that want to mess around with adding new stuff to the page template. * Remove headercontent; the search plugin now adds the search box to the header by registering a pagetemplate hook, and other plugins should do similarly.
* - add <base> to cgi output, this is especially useful for output containingjoey2006-04-02
| | | | | | | | | | | wikilinks since the urls should work now in more situations - drop --limit from svn log run, since a) it needs a fairly new svn and b) in some cases, it would limit it to too few entries to display the requested number of changes - Use driver:DB_File and not driver:db_file for better compatability with old versions of CGI::Session. - Note that HTML::Template 3.02.02 is needed.
* css supportjoey2006-03-29
|
* html validation fixes:joey2006-03-29
| | | | | | | | | | | - escape & in urls (also clean up cgi url generation) - since markdown wraps inlined pages in <p></p>, close and re-open the paragraph tags when generating the embedded html - added XHTML 1.0 doctypes to templates - fixed <hr /> and <br /> in templates - add an alt attribute to inline images, based on the WikiLink to the image. Allows things like [[my_image|img.png]] to customise alt text.
* link to helponformatting from the edit pagejoey2006-03-19
|
* conflict detection, merging, etc should be done now, I thinkjoey2006-03-19
|
* first cut at svn merge and conflictjoey2006-03-19
|
* add a header to page preview sectionjoey2006-03-16
|
* dd page previewjoey2006-03-16
|
* - use templates for signin form, error messagesjoey2006-03-12
- use FormBuilder for edit page forms (also use template) - print debug to stderr in cgi mode to avoid breaking http headers - fix links to page in parentlinks if $url is unset - reorganise how wikilink is used in templates - only make recentchanes link if svn is enabled - change session id cookie to something we control - add support for logging committer name for web commits from signed in users (untested) - probably more changes I forgot