From 29d286116ff9b7ca25e8ac52ccb43d3268bfcfad Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 16 Mar 2014 02:38:20 +0100 Subject: [PATCH] fix check_canedit. --- newevent.pm | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/newevent.pm b/newevent.pm index 9db731d..497ea9c 100644 --- a/newevent.pm +++ b/newevent.pm @@ -29,7 +29,7 @@ sub getsetup () { , rebuild => undef , section => "misc" } - , newevent_base => + , base => { type => "string" , example => "Agenda" , description => "prefix of the agenda hierarchy" @@ -79,7 +79,7 @@ sub duration_of_form ($$) { return $dur; }; sub page_of_event ($$$$$) { - my ($form, $from_date, $to_date, $name, $newevent_base) = @_; + my ($form, $from_date, $to_date, $name, $base) = @_; my $time = ''; if ($form->field('from_hour') ne '' or $form->field('from_minute') ne '') { if ($from_date->hour() == $to_date->hour() @@ -93,8 +93,8 @@ sub page_of_event ($$$$$) { } } return - ( $newevent_base - . ($newevent_base?'/':'').$from_date->year() + ( $base + . ($base?'/':'').$from_date->year() . '/'.sprintf('%02d', $from_date->month()) . '/'.sprintf('%02d', $from_date->day()) . '/'. ($time ne '' ? $time . '/' : '') @@ -156,7 +156,7 @@ sub post_newevent ($$$) { } sub preprocess (@) { #my %params = - # ( base => ($config{newevent_base} ? $config{newevent_base} : gettext('Agenda')) + # ( base => ($config{base} ? $config{base} : gettext('Agenda')) # , @_ ); #($form, $buttons) = newevent_form() # if not defined $form; @@ -167,6 +167,9 @@ sub sessioncgi ($$) { my ($cgi, $session) = @_; if (defined $cgi->param('do') && $cgi->param('do') eq "newevent") { # TOTRY: decode_cgi_utf8($cgi); + my $base = Encode::decode_utf8(URI::Escape::uri_unescape(IkiWiki::possibly_foolish_untaint($cgi->param('base')))); + &IkiWiki::check_canedit($base, $cgi, $session); + my $page = Encode::decode_utf8(URI::Escape::uri_unescape(IkiWiki::possibly_foolish_untaint($cgi->param('page')))); my $now_date = DateTime->now ( time_zone => 'local' @@ -196,8 +199,6 @@ sub sessioncgi ($$) { : 1; my @dow_order = ($week_start_day .. 6, 0 .. $week_start_day-1); - my $page = Encode::decode_utf8(URI::Escape::uri_unescape(IkiWiki::possibly_foolish_untaint($cgi->param('page')))); - my $newevent_base = Encode::decode_utf8(URI::Escape::uri_unescape(IkiWiki::possibly_foolish_untaint($cgi->param('base')))); my $tags = $typedlinks{$page}{tag}; my $buttons = [qw{Preview Create}]; my ($from_date, $to_date, $end_date, $inc_dur); @@ -296,7 +297,7 @@ sub sessioncgi ($$) { $form->title(sprintf(gettext("creating new events"), pagetitle(IkiWiki::basename($page)))); $form->field(name => "do", type => "hidden", value => 'newevent', force => 1); $form->field(name => "base", type => "hidden", force => 1 - , value => ($form->field('base') ? $form->field('base') : $newevent_base)); + , value => ($form->field('base') ? $form->field('base') : $base)); $form->field(name => "from_date", type => "hidden", value => '1', force => 1); $form->field(name => "to_date", type => "hidden", value => '1', force => 1); $form->field(name => "end_date", type => "hidden", value => '1', force => 1); @@ -349,10 +350,10 @@ sub sessioncgi ($$) { if (($form->submitted eq 'Create' || $form->submitted eq 'Preview') && $form->validate) { #IkiWiki::checksessionexpiry($cgi, $session, $cgi->param('sid')); - $newevent_base + $base = $form->field('base') ? $form->field('base') - : (defined $config{newevent_base} ? $config{newevent_base} : gettext('Agenda')); + : (defined $config{base} ? $config{base} : gettext('Agenda')); my $end_times = $form->field('end_times') == 0 ? undef : $form->field('end_times'); @@ -379,7 +380,7 @@ sub sessioncgi ($$) { while (++$events_try <= $events_max and (not defined $end_times or --$end_times >= 0) and (not defined $end_date or DateTime->compare($from_date, $end_date) <= 0)) { - my $dest = page_of_event($form, $from_date, $to_date, $name, $newevent_base); + my $dest = page_of_event($form, $from_date, $to_date, $name, $base); my $week = $from_date->weekday_of_month(); my $day = $now_date->{locale}->day_format_wide->[$from_date->day_of_week()-1]; if (not defined $dom or exists $dom->{"$week° $day"}) { @@ -427,7 +428,7 @@ sub sessioncgi ($$) { IkiWiki::disable_commit_hook() } foreach my $event (@events) { - create($event, $cgi, $session, \%months, $newevent_base); + create($event, $cgi, $session, \%months, $base); } if ($config{rcs}) { IkiWiki::rcs_commit_staged @@ -534,7 +535,7 @@ sub preview($$$$) { } } sub create ($$$$$) { - my ($event, $cgi, $session, $months, $newevent_base) = @_; + my ($event, $cgi, $session, $months, $base) = @_; check_cannewevent ( $event->{page} , $event->{file} @@ -550,8 +551,8 @@ sub create ($$$$$) { } # month page my $monthpage = - ( $newevent_base - . ($newevent_base?'/':'').$event->{from}->year() + ( $base + . ($base?'/':'').$event->{from}->year() . '/'.sprintf('%02d', $event->{from}->month()) ); my $monthfile = IkiWiki::newpagefile($monthpage, $pageext); @@ -559,7 +560,7 @@ sub create ($$$$$) { and not -l $config{srcdir}.'/'.$monthfile and not -e _) { my $tmpl_neweventmonth = template("neweventmonth.tmpl"); - $tmpl_neweventmonth->param(base => $newevent_base); + $tmpl_neweventmonth->param(base => $base); $tmpl_neweventmonth->param(year => $event->{from}->year()); $tmpl_neweventmonth->param(month => sprintf('%02d', $event->{from}->month())); $tmpl_neweventmonth->param(monthname => $months->{$event->{from}->month()}); @@ -579,7 +580,7 @@ sub create ($$$$$) { and not -l $config{srcdir}.'/'.$dayfile and not -e _) { my $tmpl_neweventday = template("neweventday.tmpl"); - $tmpl_neweventday->param(base => $newevent_base); + $tmpl_neweventday->param(base => $base); $tmpl_neweventday->param(year => $event->{from}->year()); $tmpl_neweventday->param(month => sprintf('%02d', $event->{from}->month())); $tmpl_neweventday->param(monthname => $months->{$event->{from}->month()}); -- 2.20.1